Google released Chrome 149 with fixes for 429 security vulnerabilities, a record-sized browser security update that affects users on Windows, macOS, and Linux. The most severe issue is CVE-2026-10881, a CVSS 9.6 out-of-bounds read/write flaw in the ANGLE graphics engine that could let a remote attacker use a crafted HTML page to escape Chrome’s sandbox and potentially run code on the operating system. Google also fixed critical flaws CVE-2026-10882 in Network and CVE-2026-10883 in ANGLE in versions 149.0.7827.53 for Linux and 149.0.7827.53/54 for Windows and macOS.
Why it matters: Chrome is widely used, so a large set of browser bugs with multiple critical issues can put many users and organizations at risk from malicious websites. Users and administrators should update Chrome promptly across all devices and managed fleets.
Ionut Arghire
2026.06.05
100% relevant
This article establishes a new tracked story because it covers a distinct Chrome 149 security release, not the previously tracked Chrome 148 update.
← Back to all stories