- 86/2026
- Critical
Google has released an updated Chrome version 147.0.7727.55/56 for Windows/Mac and 147.0.7727.55 for Linux.
The addressed vulnerabilities could allow the attacker to execute arbitrary code, gain elevated privileges, obtain sensitive information, bypass security restrictions, or perform denial-of-service attacks on the affected system.
Sample of the addressed vulnerabilities:
1. Google Chrome Use After Free in PrivateAI Vulnerability (CVE-2026-5874):
- CVSS: 9.6
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Consequences: Bypass Security
2. Google Chrome Heap Buffer Overflow in WebML Vulnerability (CVE-2026- 5858):
- CVSS: 8.8
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Consequences: Gain Access
Vulnerabilities
Mitigations
The enterprise should deploy this patch as soon as the testing phase is completed.