[CIVN-2026-0359] Multiple vulnerabilities in Google Chrome for Desktop

By Published On: July 10, 2026

—–BEGIN PGP SIGNED MESSAGE—–

Hash: SHA256


Multiple vulnerabilities in Google Chrome for Desktop


Indian – Computer Emergency Response Team (https://www.cert-in.org.in)


Severity Rating: CRITICAL


Software Affected


Google Chrome versions prior to 150.0.7871.114/.115 for Windows and Mac

Google Chrome versions prior to 150.0.7871.114 for Linux

Overview


Multiple vulnerabilities have been reported in Google Chrome which could allow a remote attacker to execute arbitrary code, bypass security restrictions, disclose sensitive information and cause denial of service (DoS) condition on the targeted system.


Target Audience:

All end-user organizations and individuals using Google Chrome for Desktop.


Impact Assessment:

Potential for full system compromise, service unavailability and information disclosure.


Risk Assessment:

High risk of security policy bypass, data loss and service disruptions.


Description


Google Chrome is a popular internet browser that is used for accessing the information available on worldwide web. It is designed for use on desktop computers, such as those running on Windows, macOS or Linux operating system.


Multiple vulnerabilities exist in Google Chrome due to Use after free in Ozone, Views, InterestGroups, Extensions, Autofill, Actor, Payments, Input, Core, WebRTC, Forms and IndexedDB; Uninitialized use in V8 and ANGLE; Integer overflow in Extensions API; Out-of-bounds read and write in Codecs; Insufficient input validation of WebAppInstalls and Codecs; Insufficient data validation in DOM and Navigation; Insufficient policy enforcement in Passwords and Navigation; and Inappropriate implementation in GetUserMedia, Forms and WebGL. A remote attacker could exploit these vulnerabilities by persuading a victim to visit a specially crafted web page.


Successful exploitation of these vulnerabilities could allow remote attacker to execute arbitrary code, bypass security restrictions, disclose sensitive information and cause denial of service (DoS) condition on the targeted system.


Solution


Apply appropriate updates as mentioned by the vendor

https://chromereleases.googleblog.com/2026/07/stable-channel-update-for-desktop_01162222768.html



Vendor Information


Google Chrome

https://chromereleases.googleblog.com/2026/07/stable-channel-update-for-desktop_01162222768.html


References


Google Chrome

https://chromereleases.googleblog.com/2026/07/stable-channel-update-for-desktop_01162222768.html


CVE Name

CVE-2026-15107

CVE-2026-15108

CVE-2026-15109

CVE-2026-15110

CVE-2026-15111

CVE-2026-15112

CVE-2026-15113

CVE-2026-15114

CVE-2026-15115

CVE-2026-15116

CVE-2026-15117

CVE-2026-15118

CVE-2026-15119

CVE-2026-15120

CVE-2026-15121

CVE-2026-15122

CVE-2026-15123

CVE-2026-15124

CVE-2026-15125

CVE-2026-15126

CVE-2026-15127

CVE-2026-15128

CVE-2026-15129

CVE-2026-15130

CVE-2026-15131

CVE-2026-15132

CVE-2026-15133




– —


Thanks and Regards,

CERT-In


Incident Response Help Desk

e-mail: incident@cert-in.org.in

Phone: +91-11-22902657

Toll Free Number: 1800-11-4949

Toll Free Fax : 1800-11-6969

Web: http://www.cert-in.org.in

PGP Fingerprint: A768 083E 4475 5725 B81A A379 2156 C0C0 B620 D0B4

PGP Key information:

https://www.cert-in.org.in/s2cMainServlet?pageid=CONTACTUS


Postal address:

Indian Computer Emergency Response Team (CERT-In)

Ministry of Electronics and Information Technology

Government of India

Electronics Niketan

6, C.G.O. Complex

New Delhi-110 003

—–BEGIN PGP SIGNATURE—–


iQIzBAEBCAAdFiEE6r4Iam/Ey0c/KakL3jCgcSdcys8FAmpRAAIACgkQ3jCgcSdc

ys8moBAAlX3XqEWtij/uhcF6cibsnioRdOY5lQdC2dsYt7F98DHIovkkIdYJarDM

orstk2nTkOJ6FuPINxjfegDS0k3tsDq+Tk2r3lrO9EsyU7fltYe5vkyEQbx6AIuo

+4yTs7bOYuVA3PteToPdmm0gz1oFbAU5IuWdkPMCjx2uk8D5dT/4vLQly8q8R3Bj

40A9hiQ8qO9BlNUQT7rrMB+sVVymDWbmgjHcjq8gv1icBjfKLgIypTpCrtIsE+Zo

A4byTvK7JnwTRBSxd5VyPKwQcXG/26z059thYNATSpuZb4L306jc5p9Cyg4GavFu

11rZ75Z1GvE9P/wiW8ObRKHlY5qXc5BlOzBXuVdsHmb2DIg58iDFmspRdH7zhbc3

hG2CEHgRtxemTiebZTKyWkiX3J8sXGexg6xZkMbUCqHn8Cub+J/rQkyNRAG7+YAI

8rntXegG01DrPM1B4wm96J3/BFk61Q8mKu2C1rYK2r2LWjY2P8PVMp6cFHIdUEHE

xHYp4wgYmD4elzwINPnLOmjN1RIq6ZrUuaVZh6phsRtqK3UmvndRSYP4RJ3BDXD8

ehJvel6bOBw0QlkzFrf2iTrQSYBmzy0WNYUIYp1z4BtyQJFglFIpCEOTvXWQkUJv

BCsqHx49cewUXpMmG4buO5laGht2Yh3hpeEVXIvQe+jjcR0SE2I=

=O0Wk

—–END PGP SIGNATURE—–

Share this article