Overview
- Emergency stable‑channel releases are rolling out to Chrome 145.0.7632.75/76 on Windows and macOS and 144.0.7559.75 on Linux.
- The flaw, CVE-2026-2441, is a high‑severity use‑after‑free in Chrome’s CSS/font handling that enables code execution inside the browser sandbox via a crafted webpage.
- Researcher Shaheen Fazim reported the vulnerability on February 11, and Google shipped fixes roughly two days later.
- Google has withheld detailed technical and targeting information during the rollout, and commit notes indicate related hardening work remains under internal tracking.
- National advisories, including from India’s CERT‑In, urge immediate updating and note that other Chromium‑based browsers should apply equivalent fixes when available.