PatchSiren cyber security CVE debrief
CVE-2026-10942 Google CVE debrief
CVE-2026-10942 is a High-severity vulnerability in Google Chrome's UI implementation on Windows. The vulnerability, which was published on 2026-06-04, allows a local attacker to perform privilege escalation via a malicious file. The CVSS score for this vulnerability is 7.8, indicating a High severity level. The vulnerability was addressed in Google Chrome version 149.0.7827.53. Users are advised to update to the latest version to mitigate this vulnerability.
- Vendor
- Product
- Chrome
- CVSS
- HIGH 7.8
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-04
- Original CVE updated
- 2026-06-08
- Advisory published
- 2026-06-04
- Advisory updated
- 2026-06-08
Who should care
Users of Google Chrome on Windows, particularly those who may be targeted by local attackers, should be aware of this vulnerability and take steps to mitigate it.
Technical summary
The vulnerability is caused by an inappropriate implementation in the UI of Google Chrome on Windows. This allows a local attacker to perform privilege escalation via a malicious file. The vulnerability has a CVSS score of 7.8 and a High severity level.
Defensive priority
High
Recommended defensive actions
- Update Google Chrome to version 149.0.7827.53 or later.
- Use a reputable antivirus solution to detect and prevent malicious files from being executed.
Evidence notes
The vulnerability was published on 2026-06-04 and modified on 2026-06-08. The CVSS score is 7.8, indicating a High severity level.
Official resources
-
CVE-2026-10942 CVE record
CVE.org
-
CVE-2026-10942 NVD detail
NVD
-
Source item URL
nvd_modified
-
Mitigation or vendor reference
[email protected] - Release Notes
-
Source reference
[email protected] - Permissions Required
CVE-2026-10942 was published on 2026-06-04 and modified on 2026-06-08. The vulnerability has a CVSS score of 7.8 and a High severity level.