Google patches 10 security flaws in chrome 144 update
Take action: If you are using Google Chrome or other Chromium-based browsers (Edge, Brave, Vivaldi, Opera...) patch your browser ASAP. No critical flaws in this update, but don't wait for the flaw to become actively exploited. Update now, it's trivial and all your tabs reopen after the update.
Learn More
Google released Chrome 144 for Windows, Mac, and Linux to fix 10 security bugs. The update focuses on the V8 JavaScript engine, the Blink renderer and the download system.
Vulnerabilities summary:
- CVE-2026-0899 (CVSS score 8.8): Out of bounds memory access in V8.
- CVE-2026-0900 (CVSS score 8.8): Inappropriate implementation in V8.
- CVE-2026-0901 (CVSS score 8.8): Inappropriate implementation in Blink.
- CVE-2026-0902 (CVSS score 6.5): Inappropriate implementation in V8.
- CVE-2026-0903 (CVSS score 6.5): Insufficient validation of untrusted input in Downloads.
- CVE-2026-0904 (CVSS score 6.5): Incorrect security UI in Digital Credentials.
- CVE-2026-0905 (CVSS score 6.5): Insufficient policy enforcement in Network.
- CVE-2026-0908 (CVSS score 3.1): Use after free in ANGLE.
Users can check their browser version by navigating to the Help > About Google Chrome menu. Most desktop versions will update automatically, but manual checks ensure the patch is active.
The new versions are 144.0.7559.59 for Linux and 144.0.7559.59/60 for Windows and Mac. Google started the rollout on January 13, 2026.
