Google has released another Chrome security update, fixing 27 vulnerabilities across desktop versions of the browser, including two flaws rated as critical. The update arrives shortly after another Chrome patch, making this the second browser security release in quick succession.
The fixed versions are Chrome 150.0.7871.114 and 150.0.7871.115 for Windows and macOS, and Chrome 150.0.7871.114 for Linux. Google says it has no evidence that the newly patched vulnerabilities are being actively exploited in the wild, but the presence of critical bugs makes this an update worth installing as soon as possible.
The two most serious vulnerabilities are CVE 2026 15112 and CVE 2026 15129. Both are use after free flaws, a common memory safety problem that can allow attackers to abuse freed memory if the right conditions are met. In this case, the issues affect Chrome’s Ozone and Views components.
Chrome 150 continues to receive major security fixes after a large vulnerability cleanup
The latest update fixes 27 security issues in total. Google found 24 of them internally, while outside security researchers reported the remaining flaws. The company paid $3,000 in bug bounties for the externally reported vulnerabilities.
| Chrome update detail | Information |
|---|---|
| Updated desktop versions | 150.0.7871.114 and 150.0.7871.115 |
| Platforms | Windows, macOS, Linux |
| Total vulnerabilities fixed | 27 |
| Critical vulnerabilities | 2 |
| High risk vulnerabilities | 23 |
| Medium risk vulnerabilities | 2 |
| Most common flaw type | Use after free |
| Known active exploitation | None reported by Google |
| Mobile updates | Android and iOS also received Chrome 150 updates |
Use after free issues remain one of the most common bug types in Chrome security updates. This release includes 13 such vulnerabilities, making them the largest category in the patch. These flaws are closely watched because browser memory bugs can be serious when paired with other exploit techniques.

The timing is notable because Google released Chrome 150.0.7871.100 and 150.0.7871.101 just one day earlier without publishing details about the vulnerabilities fixed in that build. Before that, Chrome 150 itself arrived with a much larger security cleanup, fixing more than 400 flaws, including several critical ones.
For Chrome users, the practical advice is simple. The browser usually updates automatically, but it is still worth checking manually if you have not restarted Chrome recently. You can do that by opening the Chrome menu, going to Help, and then selecting About Google Chrome. The browser will check for updates and install the latest available version.
Google has also updated Chrome for Android to version 150.0.7871.114 and Chrome for iOS to version 150.0.7871.113. The Android release addresses the same vulnerabilities as the desktop versions, while the Extended Stable Channel for Windows and macOS now includes Chromium version 150.0.7871.115.
The next major Chrome release, Chrome 151, is scheduled for the end of July. Until then, Chrome 150 is likely to continue receiving security patches if Google identifies serious issues.
Even though Google says these flaws are not known to be exploited, delaying browser updates is still risky. Chrome is one of the most widely used applications on Windows, macOS, Linux, Android, and iOS, and browser vulnerabilities are attractive targets because they can be reached through malicious websites, ads, scripts, or compromised pages.
This update is another reminder that browser security is an ongoing process. Chrome 150 already brought a large patch set, and Google is still cleaning up serious issues shortly after release. For most users, keeping automatic updates enabled and restarting the browser regularly remains the easiest way to stay protected.



Discussion (0)
Be the first to comment.