Google announced safety upgrades for its Chrome browser on Friday, fixing a security flaw that it claimed had been found in the wild.
The high-severity vulnerability, identified as ( CVSS score: 8.8 ), has been described as a use-after-free bug in CSS. Shaheen Fazim, a safety scholar, is credited with discovering and reporting the flaw on February 11, 2026.
According to a description of the flaw in the NIST’s National Vulnerability Database ( NVD),” Use after free in Google Chrome prior to 145.0.7632.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.”
Google that” an exploit for CVE-2026-2441 exists in the wild and has not provided any details about how the risk is being exploited in the wild or by whom or who may have been targeted.”
Google Chrome is no person to constantly exploiting vulnerabilities, but the development once more demonstrates how browser-based flaws are a target for nefarious actors because they are installed outside and introduce a wide attack surface.
The second Chrome zero-day that Google patched in 2026 is now publicly known, with the release of CVE-2026-2441. The tech giant fixed eight zero-day flaws in Chrome that were either actively exploited or demonstrated as a proof-of-concept ( PoC ) last year.
Apple also distributed iOS, iPadOS, macOS Tahoe, tvOS, watchOS, and visionOS updates last week to fix a zero-day flaw ( CVE-2026-20700, CVSS score: 7.8 ) that had been used as a “extremely sophisticated attack” to target specific individuals who were running iOS versions before iOS 26.
People are advised to update their Chrome browser to versions 145.0.7632.75/76 for Windows and Apple mac, and 144.0.7559.75 for Linux for maximum security. People can go to More >, Help >, About Google Chrome, and find Open to make sure the most recent upgrades are installed.
People of various Chromium-based browsers like Microsoft Edge, Brave, Opera, and Vivaldi are also advised to use the changes as and when they become available.