Mumbai, February 16: Google has released an emergency security update for its Chrome browser to address a high-severity vulnerability that is currently being exploited by hackers. The flaw, identified as CVE-2026-2441, marks the first actively exploited zero-day vulnerability patched by the company in 2026.

The security loophole was discovered and reported by researcher Shaheen Fazim on February 11. Google has acknowledged that an exploit for this vulnerability exists in the wild, although the company has withheld specific details regarding the identity of the attackers or the nature of the targeted victims to prevent further exploitation before users can update. Data Breach 2026: 149 Million Login Credentials for Gmail, Facebook and Binance Exposed Online; Cybersecurity Researcher Unsecured Database.

Google Technical Nature of the Vulnerability

The flaw is classified as a "use-after-free" bug within the browser’s CSS (Cascading Style Sheets) engine. It carries a CVSS score of 8.8, indicating its high severity. This type of memory corruption allows a remote attacker to execute arbitrary code within the browser's sandbox environment.

In practical terms, an attacker could compromise a user's system by tricking them into visiting a specially crafted HTML page. Once accessed, the harmful code can bypass certain safety protections, potentially allowing the attacker to take control of specific browser functions.

Google Chrome Error: Recommended Actions for Users

Google has rolled out the fix in Chrome version 145.0.7632.75/76 for Windows and macOS, while Linux users are advised to update to version 144.0.7559.75. To ensure protection, users should navigate to the 'About Google Chrome' section within their browser settings and relaunch the application to apply the latest patches.

Because the vulnerability exists in the underlying Chromium engine, users of other popular browsers—including Microsoft Edge, Brave, Opera, and Vivaldi—are also urged to apply updates as they are released by their respective manufacturers.

Chrome CVE-2026-2441 Patch

The discovery of CVE-2026-2441 follows a year in which Google addressed eight zero-day flaws in its flagship browser. The development underscores the persistent threat posed by browser-based vulnerabilities, which offer a broad attack surface for malicious actors due to their near-universal installation on consumer and enterprise systems. Siemens and DSCI To Launch 'OT Cybersecurity Lab' at Nasscom Campus in Noida With Aim To India's Critical Infrastructure.

The Chrome update coincides with similar emergency measures taken by Apple last week. The iPhone manufacturer recently patched its own zero-day flaw (CVE-2026-20700) that was weaponised in sophisticated, targeted attacks against individuals running versions older than iOS 26. These concurrent updates from major tech firms highlight a coordinated effort to combat increasingly complex digital threats

TruLY Score by LatestLY
Rating:3

TruLY Score 3 – Believable; Needs Further Research | On a Trust Scale of 0-5 this article has scored 3 on LatestLY, this article appears believable but may need additional verification. It is based on reporting from news websites or verified journalists (The Hacker News), but lacks supporting official confirmation. Readers are advised to treat the information as credible but continue to follow up for updates or confirmations

(The above story first appeared on LatestLY on Feb 16, 2026 03:49 PM IST. For more news and updates on politics, world, sports, entertainment and lifestyle, log on to our website latestly.com).