Google Chrome 145 Update Patches 11 Vulnerabilities Including High-Severity RCE Flaws
Take action: If you are using Google Chrome or other Chromium-based browsers (Edge, Brave, Vivaldi, Opera...) update ASAP. These flaws are still not exploited, but why give hackers the chance? Just update, your tabs reopen automatically.
Learn More
Google released Chrome 145 for Windows, Mac, and Linux to fix 11 security bugs on February 10, 2026, the update as of now includes three high-severity vulnerabilities.
Vulnerabilities summary:
- CVE-2026-2313 (CVSS score 8.8) - A use-after-free in the CSS engine.
- CVE-2026-2314 (CVSS score 8.8) - A heap buffer overflow in the Codecs subsystem.
- CVE-2026-2315 (CVSS score 8.8 ) - An inappropriate implementation in WebGPU.
- CVE-2026-2316(CVSS score 6.5) - An insufficient policy enforcement in Frames.
- CVE-2026-2317(CVSS score 6.5) - An inappropriate implementation in Animation.
- CVE-2026-2318 (CVSS score 6.5) - An inappropriate implementation in PictureInPicture.
- CVE-2026-2319 (CVSS score 7.5) - A race condition in the DevTools component.
- CVE-2026-2320 (CVSS score 6.5) - An inappropriate implementation in File input.
- CVE-2026-2321 (CVSS score 8.8) - A use-after-free in Ozone.
- CVE-2026-2322 (CVSS score 5.4 ) - An inappropriate implementation in File input.
- CVE-2026-2323 (CVSS score 4.3) - An inappropriate implementation in Downloads.
The update is published as Google Chrome version 145.0.7632.45 for Linux and versions 145.0.7632.45/46 for Windows and Mac.
All previous versions are vulnerable to these exploits. Google noted that details for some bugs are restricted until most users apply the patch to prevent attackers from developing exploits based on the technical documentation.
Organizations should update all Chrome instances to the latest version immediately to mitigate these risks.
Users can check their browser version by navigation to the Help > "About Google Chrome" in the browser menu.
