79 Chrome Vulnerabilities Patched, Including 14 Critical One’s – Update Now!

HomeCyber Security News 79 Chrome Vulnerabilities Patched, Including 14 Critical One’s – Update Now! By Abinaya May 15, 2026 Google has rolled out a massive security update for its Chrome browser, sealing a staggering 79 vulnerabilities before threat actors can exploit them. With 14 of these flaws rated as critical, browsing the web on an outdated version leaves your entire system wide open to devastating cyberattacks. The newest stable release bumps Chrome to 148.0.7778.167/168 on Windows and Mac, while Linux users will upgrade to 148.0.7778.167. Google is deploying this patch over the coming days, but proactive users and enterprise administrators should trigger the update manually. The sheer volume of this release highlights the constant battle against memory corruption bugs, particularly “Use-after-free” (UAF) and “Heap buffer overflow” flaws that commonly plague complex browser architectures. As standard practice, Google keeps specific exploit details and proof-of-concept code restricted. This creates a vital window for the global user base to install the patch before malware operators weaponize the disclosures. However, the tech giant has already paid out hefty bug bounties to independent researchers, highlighting the severity of the findings. The highest reward of $43,000 went to an external researcher who discovered a critical heap buffer overflow in the WebML component. Critical Chrome Vulnerabilities Patched Google released fixes for multiple memory management flaws that could let attackers execute arbitrary code through malicious HTML pages. Below is a breakdown of the most severe vulnerabilities patched in this update that every security intelligence team needs to track. CVE ID Component Vulnerability Type Reporter Bounty CVE-2026-8509 WebML Heap buffer overflow c6eed09fc8b174b0f3eebedcceb1e792 $43,000 CVE-2026-8510 Skia Integer overflow q@calif.io $25,000 CVE-2026-8511 UI Use after free Google N/A CVE-2026-8512 FileSystem Use after free Google N/A CVE-2026-8513 Input Use after free Google N/A CVE-2026-8514 Aura Use after free Google N/A CVE-2026-8515 HID Use after free Google N/A CVE-2026-8516 DataTransfer Insufficient validation of untrusted input Google N/A CVE-2026-8517 WebShare Object lifecycle issue Google N/A CVE-2026-8518 Blink Use after free Google N/A CVE-2026-8519 ANGLE Integer overflow Google N/A CVE-2026-8520 Payments Race condition Google N/A CVE-2026-8521 Tab Groups Use after free Google N/A CVE-2026-8522 Downloads Use after free Google N/A Threat actors heavily target browser vulnerabilities to bypass sandboxes, steal sensitive data, and compromise the underlying operating system. Delaying this patch is a direct risk to your infrastructure. Take these immediate steps to secure your environment: Navigate to the three-dot menu in the top right corner of your Chrome browser. Select Help, then click on About Google Chrome. Allow the browser to fetch and install version 148 automatically. Click Relaunch to apply the security fixes and clear active sessions. Follow us on Google News, LinkedIn, and X to Get More Instant Updates. Tags cyber security cyber security news Copy URL Linkedin Twitter ReddIt Telegram Abinayahttps://cybersecuritynews.com/ Abi is a Security Editor and fellow reporter with Cyber Security News. She is covering various cyber security incidents happening in the Cyber Space. Trending News Foxconn Confirms Cyberattack After Nitrogen Ransomware Gang Claim Trellix Breach – RansomHouse Claims Access to Parts of Source Code Top 10 Best Interactive Malware Analysis Tools in 2026 Hackers Abuse CVE-2026-41940 to Take Over cPanel and WHM Servers OpenAI Daybreak Automates Vulnerability Detection and Fixing Latest News Cyber Security News Critical Next.js Vulnerability Exposes Cloud Credentials, API keys, and Admin Panels Cyber Security News OpenAI Confirms Security Breach Via TanStack npm Supply Chain Attack Cyber Security Cisco Catalyst SD-WAN Controller 0-Day Actively Exploited to Gain Admin Access Cyber Security News Sandworm Hackers Pivot From Compromised IT Systems Toward Critical OT Assets Cyber Security News Chinese APT Hackers Exploit Microsoft Exchange to Breach Energy Sector Network