Google Fixes Critical Chrome Vulnerability Exploited in the Wild (CVE-2026-2441)
High-Severity Chrome Vulnerability Patched by Google Amid In-the-Wild Exploit
Google has released a security update for its Chrome browser to address a high-severity zero-day vulnerability, identified as CVE-2026-2441. The patch was shipped on Friday, and the company has confirmed that an exploit for this vulnerability is actively being used in the wild.
Vulnerability Details
The CVE-2026-2441 vulnerability is a use-after-free bug in Chrome’s CSS processing component, allowing a remote attacker to execute arbitrary code within a sandbox by crafting a malicious HTML page. This issue was reported by researcher Shaheen Fazim on February 11, 2026. Notably, this vulnerability was discovered just a day after Google fixed another use-after-free flaw in the same component, which was also identified by researchers.
Security Patch and Recommendations
Google has not provided further details about the fixed zero-day vulnerability or its in-the-wild exploitation, following the company’s standard practice of not disclosing extensive information about patched vulnerabilities.
The security patch has been included in Chrome version 145.0.7632.75/76 for Windows and Mac, and version 144.0.7559.75 for Linux. Users with automatic updates enabled in Chrome have likely already received the security patch.
The prompt response to this vulnerability highlights the importance of keeping software up to date, as attackers often quickly exploit newly discovered vulnerabilities. Users are advised to ensure their Chrome browser is running the latest version to protect against potential attacks.
About Author
English