- 37/2026
- High
Google has released an updated Chrome version 145.0.7632.109/110 for Windows/Mac and 144.0.7559.109 for Linux.
The addressed vulnerabilities could allow the remote attacker to execute arbitrary code, cause memory corruption, or bypass security restrictions by persuading the victim to open a specially crafted PDF file or visit a malicious website.
Sample of the addressed vulnerabilities:
1. Google Chrome Integer Overflow in V8 Vulnerability (CVE-2026-2649):
- CVSS: 8.8
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Consequences: Gain Access
2. Google Chrome Heap Buffer Overflow in Media Vulnerability (CVE-2026-2650):
- CVSS: 8.8
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Consequences: Memory Corruption
Vulnerabilities
- CVE-2026-2648
- CVE-2026-2649
- CVE-2026-2650
Mitigations
The enterprise should deploy this patch as soon as the testing phase is completed.