| VID |
28967 |
| Severity |
40 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
The version of Google Chrome installed on the remote Windows host is prior to 148.0.7778.96. It is, therefore, affected by multiple vulnerabilities as referenced in the 2026_05_stable-channel-update-for-desktop advisory.
- Use after free in WebRTC. (CVE-2026-7928, CVE-2026-7987, CVE-2026-8016) - Integer overflow in Blink. (CVE-2026-7896) - Use after free in Mobile. (CVE-2026-7897) - Use after free in Chromoting. (CVE-2026-7898, CVE-2026-7925) - Out of bounds read and write in V8. (CVE-2026-7899)
* References: https://crbug.com/504612429 https://crbug.com/498696266 https://crbug.com/497695401 https://crbug.com/493747582 https://crbug.com/504069514 https://crbug.com/504587882 https://crbug.com/501833981 https://crbug.com/505481948
* Platforms Affected: Google Chrome versions prior to 148.0.7778.96 Microsoft Windows Any version |
| Recommendation |
Upgrade to the latest version Google Chrome (148.0.7778.96 or later), available from the Google Web site at http://www.google.com/chrome/ |
| Related URL |
CVE-2026-7928,CVE-2026-7987,CVE-2026-8016,CVE-2026-7896,CVE-2026-7897,CVE-2026-7898,CVE-2026-7925,CVE-2026-7899,CVE-2026-7902 (CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|