VYPR
patchPublished Jul 9, 2026· 2 sources

Google Chrome 150 Update Fixes 27 Vulnerabilities, Including Two Critical Flaws

Google Chrome 150 has been released with patches for 27 vulnerabilities, including two critical-severity flaws.

Google has rolled out a significant security update for its popular Chrome browser, version 150, addressing a total of 27 vulnerabilities. Among these are two critical-severity flaws that have been resolved, prompting users to update their browsers as soon as possible to mitigate potential security risks.

The two most severe vulnerabilities are use-after-free issues affecting Chrome's Ozone and Views components. These critical bugs were identified internally by Google researchers last month and have now been patched in the latest release. The update resolves a total of 13 use-after-free defects across the browser, including 10 high-severity and one medium-severity weakness.

Beyond the use-after-free bugs, the Chrome 150 update also tackles a variety of other vulnerability types. These include issues related to uninitialized use, integer overflow, out-of-bounds read and write operations, insufficient validation of untrusted input, inappropriate implementation, inadequate data validation, and insufficient policy enforcement.

A notable trend highlighted by this release is the increasing number of vulnerabilities discovered by Google's internal teams, often attributed to the use of AI in security research. While this has led to a decrease in bug bounty rewards for external researchers, it has also resulted in a higher volume of security weaknesses being identified and fixed. Since April, Google has addressed over 1,400 Chrome vulnerabilities, with hundreds of these being memory safety bugs.

This proactive patching strategy is crucial for maintaining the security of the vast user base of Google Chrome. The browser is a primary target for attackers seeking to exploit software flaws for malicious purposes, ranging from data theft to deploying malware. The timely resolution of these vulnerabilities helps protect users from potential exploitation.

The latest iteration of Chrome is now available for download. Users on Windows and macOS can update to versions 150.0.7871.114/.115, while Linux users can update to version 150.0.7871.114. Promptly applying this update is essential for ensuring that the browser remains protected against known security threats.

This release follows a pattern of frequent and substantial security updates for Chrome, underscoring the ongoing efforts by Google to maintain a secure browsing experience. The company's commitment to identifying and fixing vulnerabilities, whether through internal research or external bug bounty programs, remains a cornerstone of its security posture.

This update, version 150.0.7871.114/.115, specifically addresses two critical use-after-free vulnerabilities, CVE-2026-15112 in Ozone and CVE-2026-15129 in Views, which could lead to remote code execution if a user visits a malicious webpage. Additionally, the patch includes fixes for several high-severity memory-safety issues and input validation flaws across components like V8, Autofill, and WebRTC, further hardening the browser against exploitation.

Synthesized by Vypr AI