Google has announced the release of the Chrome 146 update, which addresses eight critical memory safety vulnerabilities. This update is essential for users to enhance their browser security.
Details of the Vulnerabilities Patched
Among the vulnerabilities addressed, the heap buffer overflow issue in WebAudio, identified as CVE-2026-4673, is noteworthy. The researcher who discovered this flaw was awarded a $7,000 bounty. Another significant issue, CVE-2026-4677, also found in WebAudio, has been reported, though the bounty for it has yet to be determined by Google.
In addition to these, the update tackles an out-of-bounds read bug in CSS (CVE-2026-4674) and a heap buffer overflow in WebGL (CVE-2026-4675). Three use-after-free vulnerabilities in Dawn, WebGPU, and FedCM (CVE-2026-4676, CVE-2026-4678, and CVE-2026-4680) were also resolved, along with an integer overflow issue in Fonts (CVE-2026-4679).
Importance of Updating Chrome
Google has urged users to apply the latest update on their browsers immediately. The patched versions are 146.0.7680.164/165 for Windows and macOS and 146.0.7680.164 for Linux. Staying updated is crucial as such vulnerabilities are often exploited in cyber-attacks.
Just two weeks prior, Google released an emergency update to address two zero-day vulnerabilities, CVE-2026-3909 and CVE-2026-3910. While specific details were not disclosed, these vulnerabilities are typically targeted by commercial surveillance entities.
Outlook and Recommendations
With the continuous discovery of security flaws, it remains imperative for users to keep their browsers up-to-date. Google’s proactive approach in resolving these issues highlights the importance of cybersecurity in today’s digital landscape. Users should regularly check for updates and apply them promptly to protect against potential threats.
Related news on cybersecurity includes warnings about a critical Citrix NetScaler vulnerability and insights from M-Trends 2026 indicating a significant reduction in initial access handoff times.
