Google Just Patched 60 Chrome Bugs—Two of Them Are Critical

If you're feeling like Chrome updates are coming fast and furious lately, you're not wrong. But this latest one is worth paying attention…

Muneeb

Predict

· ~2 min read · April 24, 2026 (Updated: April 25, 2026) · Free: No

If you're feeling like Chrome updates are coming fast and furious lately, you're not wrong. But this latest one is worth paying attention to: Google just pushed out a major security update fixing 60 vulnerabilities, including two rated critical and another 14 marked high severity.

This comes right on the heels of the March 31 patch that fixed an actively exploited zero day, so yeah, Chrome's security team has been busy. The good news is there's no zero day in the wild this time around. The bad news? A pair of critical bugs in Chrome's AI engine are nasty enough that Google shelled out $43,000 apiece to the researchers who found them.

The Two Big Ones

Both critical flaws live in WebML Chrome's web machine learning component that helps run AI features directly in your browser.

The first, CVE-2026-5858, is a heap buffer overflow. According to vulnerability databases, this one is particularly ugly: it can be exploited remotely without any authentication, and it's considered easy to pull off. That's about as bad as it gets.

The second, CVE-2026-5859, is an integer overflow also lurking in WebML. This one requires some user interaction to trigger, think clicking a malicious link or landing on a booby trapped site but it's still serious enough to earn that same $43,000 bounty.

In total, Google paid out $117,000 to security researchers for responsibly disclosing just eight of these 60 bugs. That should give you a sense of how valuable and dangerous these flaws are considered.

Don't Wait for the Auto Update

Chrome does update itself automatically, but Google has admitted the rollout can take days or even weeks to reach everyone. With critical remote exploitation bugs in the mix, that's not ideal.

So do yourself a favor and force the update now. Click the three dot menu in the top-right corner of Chrome, go to Help > About Google Chrome, and let it check for the update. If it's available, it'll download and install automatically. Just make sure you actually restart the browser when it prompts you ,otherwise you're still running the vulnerable version.

The patched version you want is Chrome 147.0.7727.55. It takes two minutes, and then you're covered against all 60 of these newly discovered holes.

#technology #programming #google #chrome #bugs

< Go to the original

Google Just Patched 60 Chrome Bugs—Two of Them Are Critical

If you're feeling like Chrome updates are coming fast and furious lately, you're not wrong. But this latest one is worth paying attention…

The Two Big Ones

Don't Wait for the Auto Update

Reporting a Problem