Skip to content
  • Home
  • Cyber Map
  • About Us – Contact
  • Disclaimer
  • Terms and Rules
  • Privacy Policy
Cyber Web Spider Blog – News

Cyber Web Spider Blog – News

Globe Threat Map provides a real-time, interactive 3D visualization of global cyber threats. Monitor DDoS attacks, malware, and hacking attempts with geo-located arcs on a rotating globe. Stay informed with live logs and archive stats.

  • Home
  • Cyber Map
  • Cyber Security News
  • Security Week News
  • The Hacker News
  • How To?
  • Toggle search form
Chrome 147 Fixes 60 Security Flaws, Two Critical

Chrome 147 Fixes 60 Security Flaws, Two Critical

Posted on April 10, 2026 By CWS

Google has unveiled the stable release of Chrome 147, which addresses 60 security vulnerabilities, including two critical ones. These critical issues pertain to the WebML component, a tool for running machine learning models within the browser.

Critical Security Flaws Addressed

The two critical vulnerabilities identified in Chrome’s WebML component have been classified as a heap buffer overflow (CVE-2026-5858) and an integer overflow (CVE-2026-5859). These were reported by anonymous researchers who each received a $43,000 reward for their discoveries. The significance of these bugs suggests potential risks such as sandbox escapes and remote code execution.

High Severity Vulnerabilities

Besides the critical flaws, the update also rectifies 14 high-severity vulnerabilities. These affect various Chrome components, including WebRTC, V8, and WebAudio. Google internally discovered many of these issues, while others were identified by external researchers. Among these, two vulnerabilities were rewarded with bug bounties: $11,000 for CVE-2026-5860 and $3,000 for CVE-2026-5861.

Medium and Low Severity Issues

The remaining vulnerabilities are classified as medium and low severity. Notably, a medium-severity issue, identified as CVE-2026-5874, involves a use-after-free error in PrivateAI and earned a $11,000 reward. Although these vulnerabilities are less severe, their resolution is crucial for maintaining browser security.

In a previous update in late March, Google addressed 21 vulnerabilities in Chrome, including a zero-day exploited in attacks. As part of ongoing security improvements, Google also introduced new session cookie protections to mitigate the risk of account compromise through stolen authentication cookies.

While there is no evidence of these vulnerabilities being exploited in the wild, the timely patching highlights Google’s commitment to browser security. The release of Chrome 147 underscores the importance of staying updated with the latest software versions to protect against potential threats.

Security Week News Tags:browser security, bug bounty, Chrome 147, critical flaws, Cybersecurity, Google Chrome, patch update, security update, Vulnerabilities, WebML

Post navigation

Previous Post: AI Extensions: The Emerging Security Threat in Browsers
Next Post: MuddyWater Embraces Russian Malware in ChainShell Attack

Related Posts

BoryptGrab Malware Exploits Over 100 GitHub Repositories BoryptGrab Malware Exploits Over 100 GitHub Repositories Security Week News
The Loudest Voices in Security Often Have the Least to Lose The Loudest Voices in Security Often Have the Least to Lose Security Week News
Pro-Russian Hackers Claim Cyberattack on French Postal Service Pro-Russian Hackers Claim Cyberattack on French Postal Service Security Week News
Chinese Espionage Crews Circle SentinelOne in Year-Long Reconnaissance Campaign Chinese Espionage Crews Circle SentinelOne in Year-Long Reconnaissance Campaign Security Week News
Stolen Credentials: A Persistent Threat to Cybersecurity Stolen Credentials: A Persistent Threat to Cybersecurity Security Week News
Airrived Secures .1 Million for AI-Powered Operations Airrived Secures $6.1 Million for AI-Powered Operations Security Week News

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Recent Posts

  • ACSC Raises Alarm on CMS Exploitation Threat
  • GodDamn Ransomware Uses PoisonX to Evade Security
  • Critical Roundcube XSS Flaws Require Immediate Update
  • GigaWiper Malware: A New Threat to Windows Systems
  • AI Aids Hacker in Swift 72-Hour AWS Cloud Breach

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Archives

  • July 2026
  • June 2026
  • May 2026
  • April 2026
  • March 2026
  • February 2026
  • January 2026
  • December 2025
  • November 2025
  • October 2025
  • September 2025
  • August 2025
  • July 2025
  • June 2025
  • May 2025

Recent Posts

  • ACSC Raises Alarm on CMS Exploitation Threat
  • GodDamn Ransomware Uses PoisonX to Evade Security
  • Critical Roundcube XSS Flaws Require Immediate Update
  • GigaWiper Malware: A New Threat to Windows Systems
  • AI Aids Hacker in Swift 72-Hour AWS Cloud Breach

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Copyright © 2026 Cyber Web Spider Blog – News.

Powered by PressBook Masonry Dark