- 160/2026
- Critical
Google has released an updated Chrome version 148.0.7778.216/217 for Windows, 148.0.7778.215/216 for Mac, and 148.0.7778.215 for Linux.
The addressed vulnerabilities could allow the attacker to perform spoofing and denial-of-service attacks, obtain sensitive information, bypass security restrictions, or execute arbitrary code on the affected system via a crafted HTML page.
Sample of the addressed vulnerabilities:
1. Google Chrome Out of Bounds Write in GPU Vulnerability (CVE-2026-9872):
- CVSS: 9.6
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Consequences: Bypass Security
2. Google Chrome Use After Free in Network Vulnerability (CVE-2026-9873):
- CVSS: 8.8
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Consequences: Remote Code Execution
Vulnerabilities
Mitigations
The enterprise should deploy this patch as soon as the testing phase is completed.