Chrome Browser Security Updates for Cyber Attack Prevention
Google Issues Emergency Update to Mitigate Critical Vulnerabilities
A pair of critical vulnerabilities has been discovered in Google Chrome, one of the world’s most widely used web browsers, posing a significant risk to millions of users.
Vulnerability Details
- CVE-2026-5858: A heap buffer overflow vulnerability residing within Chrome’s Web Machine Learning (WebML) API.
- CVE-2026-5859: An integer overflow involving the WebML API.
According to Google, “To exploit these vulnerabilities, attackers must craft a specially designed HTML page that triggers memory corruption within the browser, enabling malicious code execution on the system.”
The flaws arise when WebML fails to properly validate memory boundaries while processing malformed or manipulated data, allowing attackers to write data beyond allocated memory buffers – a well-known precursor to code execution attacks.
Patched Flaws and Components Affected
- Two critical flaws in the WebML API.
- 14 high-severity vulnerabilities affecting various browser components:
  - WebRTC
  - V8 JavaScript engine
  - WebAudio
  - Media
  - ANGLE graphics layer
Additional Patched Issues
- UI spoofing
- Policy bypasses
- Data leakage risks
- Insufficient input validation
Update Recommendation
Users running older versions of Chrome are urged to update to the latest version (147.0.7727.55/56) as soon as possible. Updates can be installed by navigating to “Settings → Help → About Google Chrome” in the browser.
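To check many machines against the fixed build named above, the following Python is an added example, not code from Google or from the original article. It classifies the version strings that hosts report. The tab-separated inventory format, hostnames and sample builds are constructed, and treating 147.0.7727.55 as the floor on every platform is an assumption.

```python
import re

# Fixed build named in the article (147.0.7727.55/56). Using the lower of the
# two as the floor for all platforms is an assumption of this example.
PATCHED = (147, 0, 7727, 55)

# A four-part dotted version that is not embedded in a longer dotted number.
VERSION_RE = re.compile(r"(?<![\d.])(\d+)\.(\d+)\.(\d+)\.(\d+)(?![\d.])")


def parse_version(text):
    """Return the 4-part version found in text as a tuple of ints, or None."""
    m = VERSION_RE.search(text)
    return tuple(int(part) for part in m.groups()) if m else None


def classify(text, floor=PATCHED):
    """Return 'patched', 'outdated' or 'unknown' for one reported string."""
    version = parse_version(text)
    if version is None:
        return "unknown"  # no parseable version: needs manual follow-up
    # Tuples compare numerically part by part, so build 9 sorts below 55
    # (a plain string comparison would get this wrong).
    return "patched" if version >= floor else "outdated"


def audit(inventory):
    """Map host -> status for lines of the form '<host>\\t<version output>'."""
    report = {}
    for line in inventory.strip().splitlines():
        host, _, reported = line.partition("\t")
        report[host.strip()] = classify(reported)
    return report


# Constructed sample inventory; hostnames and build numbers are made up.
SAMPLE = "\n".join([
    "ws-001\tGoogle Chrome 147.0.7727.56",
    "ws-002\tGoogle Chrome 146.0.7680.80",
    "ws-003\tGoogle Chrome 147.0.7727.9",
    "ws-004\tChromium 147.0.7727.55 snap",
    "ws-005\tcommand not found",
])

if __name__ == "__main__":
    for host, status in audit(SAMPLE).items():
        print(f"{host}: {status}")
```

Hosts reported as "unknown" should be treated as unverified rather than as patched.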
