Google Patches 382 Chrome Vulnerabilities, Including Critical Flaws
Google has released a significant update for its Chrome browser, addressing 382 security vulnerabilities, with 15 classified as critical and 67 as high severity.

Google has rolled out Chrome version 151, a substantial update that rectifies a staggering 382 security vulnerabilities affecting its popular web browser. The release underscores Google's ongoing commitment to browser security, though the sheer volume of patched flaws highlights the persistent challenges in securing complex software.
Of the total vulnerabilities addressed, Google's internal security teams were credited with discovering and reporting the vast majority, accounting for 358 of the fixes. This internal discovery rate suggests a robust bug bounty program and proactive security research efforts within the company. While the article notes a potential surge in vulnerability discovery driven by AI, specific details on the AI tools employed remain undisclosed.
The severity distribution of the patched flaws is a key concern. Fifteen vulnerabilities have been rated as 'critical,' indicating a high potential for exploitation and severe impact. An additional 67 vulnerabilities fall into the 'high' severity category. The remaining flaws are categorized as 'medium' (169) and 'low' (131) severity, demonstrating a comprehensive approach to addressing a wide spectrum of security weaknesses.
The technical nature of these vulnerabilities includes common exploit classes such as user-after-free, out-of-bounds read/write, incorrect security UI handling, uninitialized use, type confusion, and insufficient input validation. These types of flaws are frequently targeted by attackers due to their potential to disrupt normal program execution and lead to more severe security outcomes.
Many of these security holes are concentrated within the renderer process, the component responsible for processing web content. Exploitation typically involves tricking a user into visiting a specially crafted web page. Successful exploitation could allow a remote attacker to execute arbitrary code within the renderer's sandbox environment. In more severe scenarios, a compromised renderer could potentially be used to escape this sandbox, granting the attacker broader control over the user's system.
While Google's advisory does not currently mention any of these 382 vulnerabilities being exploited in the wild, the presence of numerous critical and high-severity flaws serves as a stark reminder of the constant threat landscape. The company recently patched its fifth actively exploited zero-day vulnerability of the year, emphasizing the need for prompt patching.
Users are strongly urged to update their Google Chrome browsers to the latest version as soon as possible. Promptly applying these security updates is the most effective way to mitigate the risk of exploitation and protect against potential cyberattacks targeting these newly resolved vulnerabilities. Keeping the browser updated ensures that the latest security enhancements and fixes are in place.
This extensive patch release follows a pattern of significant vulnerability disclosures and fixes for Chrome in recent months, with previous updates addressing dozens of flaws. The continuous stream of vulnerabilities, even in mature software like Chrome, highlights the dynamic nature of cybersecurity and the perpetual arms race between defenders and attackers.
This update for Chrome, version 150.0.7871.46/.47 for Windows/Mac and related versions for Linux/Android, addresses a significant number of 382 security fixes. Among these, 15 are rated Critical, posing a risk of arbitrary code execution outside the browser sandbox, and one High-severity flaw, CVE-2026-13789, is a use-after-free vulnerability in the GPU process that could enable sandbox escapes via a malicious HTML page.