What the vulnerability does

01Description

Inappropriate implementation in Downloads in Google Chrome on Windows prior to 144.0.7559.59 allowed a remote attacker to bypass dangerous file type protections via a malicious file. (Chromium security severity: Medium)

Key dates

02Disclosure timeline

January 20, 2026 CVE published
January 20, 2026 Record updated