- 141/2026
- Critical
Google has released an updated Chrome version 148.0.7778.167/168 for Windows and Mac, and version 148.0.7778.167 for Linux.
The addressed vulnerabilities could allow the attacker to bypass security restrictions, perform denial-of-service attacks, gain elevated privileges, obtain sensitive information, manipulate data, or execute arbitrary code and gain access to the affected systems.
Sample of the addressed vulnerabilities:
1. Google Chrome UI Use-After-Free Vulnerability (CVE-2026-8511):
- CVSS: 9.6
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Consequences: Security Bypass
2. Google Chrome Skia Integer Overflow Vulnerability (CVE-2026-8510):
- CVSS: 7.5
- Attack Vector: Network
- Attack Complexity: High
- Privileges Required: None
- User Interaction: Required
- Consequences: Data Manipulation
Vulnerabilities
Mitigations
The enterprise should deploy this patch as soon as the testing phase is completed.