Google released a Chrome 148 security update that fixes 151 vulnerabilities, including 22 critical bugs that could help attackers run malicious code through the browser. The most severe issues named are CVE-2026-9872 (out-of-bounds write in GPU), CVE-2026-9873 (use-after-free in Network), CVE-2026-9874 (use-after-free in Dawn), CVE-2026-9875 (out-of-bounds read in WebGL), and CVE-2026-9876 (use-after-free in WebGL). The update is rolling out as 148.0.7778.216/217 for Windows, 148.0.7778.215/216 for macOS, and 148.0.7778.215 for Linux.
Why it matters: Chrome is widely used, so browser flaws with remote-code-execution potential can expose large numbers of people and organizations to drive-by compromise if left unpatched. Users and IT teams should update Chrome promptly across Windows, macOS, and Linux fleets.
Ionut Arghire
2026.05.29
100% relevant
This article establishes a distinct patch-cycle story centered on Google's Chrome 148 update and the specific set of newly disclosed CVEs it fixes; no existing tracked story covers this same release.
← Back to all stories