—–BEGIN PGP SIGNED MESSAGE—–

Hash: SHA256

Use after free vulnerability in Google Chrome for Desktop

Indian – Computer Emergency Response Team (https://www.cert-in.org.in)

Severity Rating: HIGH

Software Affected

Google Chrome versions prior to 145.0.7632.75/76 for Windows/Mac

Google Chrome versions prior to 144.0.7559.75 for Linux

Overview

A vulnerability has been reported in Google Chrome, which could allow a remote attacker to execute arbitrary code on the targeted system.

Target Audience:

All end-user organisations and individuals using affected Google Chrome for Desktop.

Risk Assessment:

Potential for system compromise and service unavailability.

Impact Assessment:

High risk of system compromise and service disruptions.

Description

Google Chrome is a widely used web browser developed by Google and used for accessing web-based content on Windows, macOS, and Linux systems.

This vulnerability exists in Google Chrome due to Use-After-Free condition in the CSS component of Chrome¿s rendering engine. A remote attacker could exploit this vulnerability by convincing a user to visit a specially crafted HTML webpage.

Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the targeted system.

Note: This vulnerability is being exploited in the wild. Users are advised to apply the patch immediately.

Solution

Apply appropriate updates as mentioned by the vendor

https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop_13.html

Vendor Information

Google Chrome

https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop_13.html

References

Google Chrome

https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop_13.html

CVE Name

CVE-2026-2441

– —

Thanks and Regards,

CERT-In

Incident Response Help Desk

e-mail: incident@cert-in.org.in

Phone: +91-11-22902657

Toll Free Number: 1800-11-4949

Toll Free Fax : 1800-11-6969

Web: http://www.cert-in.org.in

PGP Fingerprint: A768 083E 4475 5725 B81A A379 2156 C0C0 B620 D0B4

PGP Key information:

https://www.cert-in.org.in/s2cMainServlet?pageid=CONTACTUS

Postal address:

Indian Computer Emergency Response Team (CERT-In)

Ministry of Electronics and Information Technology

Government of India

Electronics Niketan

6, C.G.O. Complex

New Delhi-110 003

—–BEGIN PGP SIGNATURE—–

iQIzBAEBCAAdFiEE6r4Iam/Ey0c/KakL3jCgcSdcys8FAmmUf6wACgkQ3jCgcSdc

ys+uLQ/9F0e1XP2lMCF15rP4D0sL3skU063YxtP3nrXQq3rW761I3OI16cTU7LEo

KqK1jYGfUKls7XiH2LWYw3SLDtuY8t1tEmmfKz0AtRdEF/4cAgwk20yhoSHoK5oS

rTAybl4VqYFzShIOBhKvb89rl7aZJaTfok/N3MvKDUrUPTVBjmKiHmictyT4ASje

DlGz4fIkhrsK8AHaWh0+plihGWe1vVuzm51DdjZxCFil2ulu/4+Dw57phoTTjSfh

L0y3tD9SjP6h/q9oxb5Er5MduGu/+egOMVeJbX+Dq7nU2LgmIZZvPKUskj09Qw7j

BvYKLesLu4BqF+AmYLlwqacSfu855V+IWB2aB2Pue1D7Kotkp4XHiazUykwrjzpl

ULC7qkaAy+SXwaFqjKt6hjq5PO3FLfyPV6WENIo6k7E+kVldLvmJbbW13mFi4mu3

mUKqfwMF2dpzrL4oHurJzpJoWmaN3vpsvZ+ajJLl8AkSVEMVtjIWqvlL2UP7Fh/l

93Et0/Zhj3dAzVA4/t7nV9Bw1G4n3/VQ7VGQ25gy6dVrT/7A6/s9GaQii1aE6vcC

MxycOKCMOwK7fK3dshMP9hTACZVlbR+9d53Ur+JyzbED3bxoUkMXjHJgQcMtIVOo

b9Q+aCtI5alHZSCKK9HNLZ6XasOqJYnz0QpKvr88K7nxTG9iYN8=

=cSs/

—–END PGP SIGNATURE—–