Google on Friday launched safety updates for its Chrome browser to handle a safety flaw that it mentioned has been exploited within the wild.
The high-severity vulnerability, tracked as CVE-2026-2441 (CVSS rating: 8.8), has been described as a use-after-free bug in CSS. Safety researcher Shaheen Fazim has been credited with discovering and reporting the shortcoming on February 11, 2026.
“Use after free in CSS in Google Chrome previous to 145.0.7632.75 allowed a distant attacker to execute arbitrary code inside a sandbox through a crafted HTML web page,” in keeping with an outline of the flaw within the NIST’s Nationwide Vulnerability Database (NVD).
Google didn’t disclose any particulars about how the vulnerability is being exploited within the wild, by whom, or who might have been focused, however it acknowledged that “an exploit for CVE-2026-2441 exists within the wild.”
Whereas Google Chrome isn’t any stranger to actively exploited vulnerabilities, the event as soon as once more highlights how browser-based flaws are a beautiful goal for malicious actors, on condition that they’re put in all over the place and expose a broad assault floor.
The disclosure of CVE-2026-2441 makes it the primary actively exploited zero-day in Chrome that Google has patched in 2026. Final 12 months, the tech big addressed eight zero-day flaws in Chrome that had been both actively exploited or demonstrated as a proof-of-concept (PoC).
Final week, Apple additionally shipped iOS, iPadOS, macOS Tahoe, tvOS, watchOS, and visionOS updates to handle a zero-day flaw (CVE-2026-20700, CVSS rating: 7.8) that had been weaponized as a zero-day to execute arbitrary code on vulnerable units as a part of an “extraordinarily refined assault” focusing on particular people who had been working iOS variations earlier than iOS 26.
For optimum safety, customers are suggested to replace their Chrome browser to variations 145.0.7632.75/76 for Home windows and Apple macOS, and 144.0.7559.75 for Linux. To ensure the most recent updates are put in, customers can navigate to Extra > Assist > About Google Chrome and choose Relaunch.
Customers of different Chromium-based browsers, similar to Microsoft Edge, Courageous, Opera, and Vivaldi, are additionally suggested to use the fixes as and once they develop into out there.
