Google Chrome’s Latest Security Update Addresses 26 Critical Vulnerabilities
Google has rolled out a significant security update for its Chrome web browser, addressing 26 vulnerabilities that could potentially allow attackers to execute malicious code remotely. This update is crucial for maintaining the security and integrity of users’ systems.
Update Details:
The latest Stable channel update introduces versions 146.0.7680.153 and 146.0.7680.154 for Windows and macOS users, while Linux users will receive version 146.0.7680.153. These updates are part of Google’s ongoing efforts to enhance browser security and protect users from emerging threats.
Addressed Vulnerabilities:
This update focuses on rectifying multiple severe memory corruption flaws that pose significant risks to both individual users and enterprise networks. The vulnerabilities primarily involve memory management errors such as use-after-free conditions, heap buffer overflows, and out-of-bounds access. Exploitation of these flaws could allow attackers to execute arbitrary code on affected systems.
Critical Vulnerabilities:
Among the vulnerabilities addressed, three are classified as Critical severity:
1. CVE-2026-4439: An out-of-bounds memory access issue in WebGL.
2. CVE-2026-4440: An out-of-bounds read and write vulnerability in WebGL.
3. CVE-2026-4441: A use-after-free vulnerability in the Base component.
These vulnerabilities could allow attackers to bypass standard browser security measures, leading to potential system compromise.
High-Severity Vulnerabilities:
In addition to the critical flaws, the update addresses 22 high-severity vulnerabilities affecting various core browser modules, including Blink, Network, WebAudio, Dawn, and PDFium. Notably, a security researcher operating under the pseudonym c6eed09fc8b174b0f3eebedcceb1e792 discovered and reported nine high-severity issues, as well as one critical vulnerability.
Vulnerability Breakdown:
The following table provides a detailed breakdown of the critical and high-severity vulnerabilities addressed in this update:
| CVE Identifier | Severity | Browser Component | Vulnerability Type |
|—————-|———-|——————-|——————–|
| CVE-2026-4439 | Critical | WebGL | Out of bounds memory access |
| CVE-2026-4440 | Critical | WebGL | Out of bounds read and write |
| CVE-2026-4441 | Critical | Base | Use after free |
| CVE-2026-4442 | High | CSS | Heap buffer overflow |
| CVE-2026-4443 | High | WebAudio | Heap buffer overflow |
| CVE-2026-4444 | High | WebRTC | Stack buffer overflow |
| CVE-2026-4445 | High | WebRTC | Use after free |
| CVE-2026-4446 | High | WebRTC | Use after free |
| CVE-2026-4447 | High | V8 | Inappropriate implementation |
| CVE-2026-4448 | High | ANGLE | Heap buffer overflow |
| CVE-2026-4449 | High | Blink | Use after free |
| CVE-2026-4450 | High | V8 | Out of bounds write |
| CVE-2026-4451 | High | Navigation | Insufficient validation of untrusted input |
| CVE-2026-4452 | High | ANGLE | Integer overflow |
| CVE-2026-4453 | High | Dawn | Integer overflow |
| CVE-2026-4454 | High | Network | Use after free |
| CVE-2026-4455 | High | PDFium | Heap buffer overflow |
| CVE-2026-4456 | High | Digital Credentials API | Use after free |
| CVE-2026-4457 | High | V8 | Type Confusion |
| CVE-2026-4458 | High | Extensions | Use after free |
| CVE-2026-4459 | High | WebAudio | Out of bounds read and write |
| CVE-2026-4460 | High | Skia | Out of bounds read |
| CVE-2026-4461 | High | V8 | Inappropriate implementation |
| CVE-2026-4462 | High | Blink | Out of bounds read |
| CVE-2026-4463 | High | WebRTC | Heap buffer overflow |
| CVE-2026-4464 | Medium | ANGLE | Integer overflow |
Implications and Recommendations:
The vulnerabilities addressed in this update could allow attackers to execute arbitrary code on affected systems, potentially leading to data breaches, system compromise, and further exploitation. Users are strongly advised to update their Chrome browsers to the latest versions immediately to mitigate these risks.
Updating Chrome:
To ensure your browser is up to date, follow these steps:
1. Open Chrome.
2. Click on the three-dot menu in the upper-right corner.
3. Navigate to Help > About Google Chrome.
4. Chrome will automatically check for updates and install them if available.
5. Restart the browser to complete the update process.
Regularly updating your browser is essential to protect against known vulnerabilities and ensure a secure browsing experience.
