- 105/2026
- Critical
Google has released an updated Chrome version 147.0.7727.137/138 for Windows and Mac, and 147.0.7727.137 for Linux.
The addressed vulnerabilities could allow the attacker to bypass security restrictions, induce the victim to install a malicious extension to leak cross-origin data via a crafted Chrome Extension, obtain sensitive information, exploit heap corruption, or execute arbitrary code, and gain access to the affected systems.
Sample of the addressed vulnerabilities:
1. Google Chrome Views Use After Free Vulnerability (CVE-2026-7343):
- CVSS: 9.8
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Consequences: Bypass Security
2. Google Chrome V8 Type Confusion Vulnerability (CVE-2026-7337):
- CVSS: 8.8
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Consequences: Gain Access
Vulnerabilities
Mitigations
The enterprise should deploy this patch as soon as the testing phase is completed.