In order to fix a security vulnerability that it claimed has been exploited in the wild, Google released security updates for its Chrome browser on Friday. The high-severity vulnerability has been identified as a use-after-free bug in CSS and is tracked as CVE-2026-2441 (CVSS score: 8.8). The vulnerability was identified and reported on February 11, 2026, by security researcher Shaheen Fazim.

NIST's National Vulnerability Database (NVD) describes the vulnerability as "Use after free in CSS in Google Chrome prior to 145.0.7632.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page."

Google acknowledged that "an exploit for CVE-2026-2441 exists in the wild," but it provided no information about how the vulnerability is being exploited in the wild, by whom, or who might have been targeted. Although actively exploited vulnerabilities are nothing new to Google Chrome, the development once again demonstrates how browser-based flaws are a prime target for bad actors because they are widely installed and expose a large attack surface. The first actively exploited Chrome zero-day that Google has patched in 2026 is CVE-2026-2441.

Eight Chrome zero-day vulnerabilities that were either actively exploited or shown as a proof-of-concept (PoC) were fixed by the tech giant last year.

Additionally, Apple released updates for iOS, iPadOS, macOS Tahoe, tvOS, watchOS, and visionOS last week to fix a zero-day vulnerability (CVE-2026-20700, CVSS score: 7.8) that had been used as a zero-day to run arbitrary code on vulnerable devices as part of a "extremely sophisticated attack" that targeted specific users of iOS devices running versions prior to iOS 26. Users are recommended to update Chrome to versions 145.0.7632.75/76 for Windows and Apple macOS, and 144.0.7559.75 for Linux, for the best protection. Users can go to More > Help > About Google Chrome and choose Relaunch to ensure the most recent updates are installed.

It is also recommended that users of other Chromium-based browsers, including Microsoft Edge, Brave, Opera, and Vivaldi, install the updates as soon as they are made available.