An actively exploited use-after-free flaw in Google Chrome’s CSS engine, tracked as CVE-2026-2441, enables remote code execution and prompted an out-of-band emergency update. Users should update Chrome Stable on Windows, macOS, and Linux to versions 145.0.7632.75/76 or 144.0.7559.75 (or extended 144.0.7559.177) immediately to mitigate the risk #CVE-2026-2441 #GoogleChrome
Keypoints
- CVE-2026-2441 is a use-after-free vulnerability in Chrome’s CSS processing that can allow remote code execution.
- Google released an emergency Stable channel update to versions 145.0.7632.75/76 (Windows/macOS) and 144.0.7559.75 (Linux) to fix the issue.
- The flaw is being actively exploited in the wild and carries an Extremely High Risk rating with a CVSS score of 8.8.
- Chromium-based browsers, including Microsoft Edge, are expected to receive corresponding patches and users should monitor updates.
- Users can update via Chrome’s menu → Help → About Google Chrome or through their Linux distribution’s software manager immediately.
Read More: https://thecyberexpress.com/cve-2026-2441-google-chrome/