Google this week promoted Chrome 149 to the stable channel with patches for 429 vulnerabilities, a record for a single Chrome refresh.

Already exceeding several times the total number of Chrome security fixes released in 2025, the surge in Chrome flaws is likely driven by AI use, which led Google to lower Chrome bug bounties in April.

Over 100 of the newly resolved security defects are critical and high-severity issues, most of which are use-after-free and insufficient validation of untrusted input flaws.

The most severe of the bugs is CVE-2026-10881 (CVSS score of 9.6), an out-of-bounds read and write weakness in the ANGLE graphics engine.

Remote attackers could exploit the vulnerability to escape Chrome’s sandbox via crafted HTML pages, potentially achieving code execution on the underlying operating system.

In its advisory, Google says it handed out a $97,000 bug bounty reward to the external researcher who reported the issue.

Two other critical-severity defects were reported by external researchers, namely CVE-2026-10882, a use-after-free issue in Network, which earned the reporting researcher a $43,000 reward, and CVE-2026-10883, an out-of-bounds write in ANGLE that was awarded a $5,000 bug bounty.

The remaining 19 critical-severity vulnerabilities addressed in this Chrome release were discovered by Google. Out of approximately 90 high-severity flaws, only 10 were reported by external researchers.

Approximately 40 of the over 300 medium and low-severity weaknesses resolved with the update were reported by external researchers.

Most of the patched weaknesses were use-after-free and insufficient validation of untrusted input issues. Numerous inappropriate implementation, insufficient policy enforcement, and out-of-bounds flaws were also addressed.

Google paid roughly $208,000 in bug bounty rewards to the reporting researchers, but the final amount could be much higher, as the company has yet to disclose the amounts for over a dozen reports.

The latest Chrome iteration is now rolling out as version 149.0.7827.53 for Linux and versions 149.0.7827.53/54 for Windows and macOS.

According to Chrome’s advisory, the detected bugs were uncovered using automated fuzzing and sanitizer tools such as AddressSanitizer, MemorySanitizer, UndefinedBehaviorSanitizer, libFuzzer, and AFL, underscoring the scale of Google’s proactive security testing infrastructure.

Users across Windows, Mac, and Linux should immediately update to Chrome 148.0.7778.96/97 to remediate these vulnerabilities.

The next stable release, Chrome 149, is scheduled for June 2, 2026. Users can update via Settings → Help → About Google Chrome, which triggers an automatic download and install.

Windows 11/10

Silent installation

 

https://www.mediafire.com/file/rj6o9clpudwqdgx/Google+Chrome+149.0.7827.115+AIO+Silent+Install.7z/file

https://transfer.it/t/uBf5qvxBlBiR

 

Windows 7/8

Silent installation

 

Google Chrome 109.0.5414.168 AIO windows 7 last version Install Silent 

https://www.mediafire.com/file/y480s6kyzu9k81l/Google+Chrome+109.0.5414.168+AIO+Install+Silent.7z/file

Edited 4 hours ago4 hr by T3rM1nat0Rr3

Google Chrome Changelog:

Google Chrome Changelog:

The Stable channel has been updated to 135.0.7049.95/.96 for Windows, Mac and 135.0.7049.95 for Linux which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log.

Security Fixes and Rewards

Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.

This update includes 2 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.

[TBD][409619251] Critical CVE-2025-3619: Heap buffer overflow in Codecs. Reported by Elias Hohl on 2025-04-09

[TBD][405292639] High CVE-2025-3620: Use after free in USB. Reported by @retsew0x01 on 2025-03-21

We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.

Many of our security bugs are detected using AddressSanitizer, MemorySanitizer,UndefinedBehaviorSanitizer, Control Flow Integrity, libFuzzer, or AFL.

 Interested in switching release channels? Find out how here. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.

PrudhviKumar Bommana Google Chrome

135.0.7049.115 new

Google Chrome 136.0.7103.93 update

Google Chrome 136.0.7103.114 update

137.0.7151.56 update

Google Chrome 137.0.7151.69 update

Google Chrome 137.0.7151.120 updates

Google Chrome 138.0.7204.50 update

https://developer.chrome.com/release-notes/138

  Hi, everyone! We've just released Chrome 138 (138.0.7204.157) for Android. It'll become available on Google Play over the next few days. 

This release includes stability and performance improvements. You can see a full list of the changes in the Git log. If you find a new issue, please let us know by filing a bug.

Android releases contain the same security fixes as their corresponding Desktop (Windows & Mac: 138.0.7204.157/158, Linux: 138.0.7204.157) unless otherwise noted.

Krishna Govind

138.0.7204.169  Update

The Stable channel has been updated to 138.0.7204.183/.184 for Windows, Mac and 138.0.7204.183 for Linux which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log.

Security Fixes and Rewards

Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed

This update includes4security fixes. Below, we highlight fixes that were contributed by external researchers. Please see theChrome Security Pagefor more information.

[$8000][426054987] High CVE-2025-8292: Use after free in Media Stream. Reported by Anonymous on 2025-06-19


We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.

As usual, our ongoing internal security work was responsible for a wide range of fixes:

[434760450] Various fixes from internal audits, fuzzing and other initiatives

139.0.7258.139 update

139.0.7258.155 update

Google has released Chrome 140 to the stable channel for Windows,

The Stable channel has been updated to 140.0.7339.213/.214 for Mac, which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log.

Interested in switching release channels? Find out how here. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.

Srinivas Sista
Google Chrome

The Chrome team is delighted to announce the promotion of Chrome 141 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks.

Chrome 141.0.7390.54 (Linux) 141.0.7390.54/55 Windows and Mac contains a number of fixes and improvements -- a list of changes is available in the log. Watch out for upcoming Chrome and Chromium blog posts about new features and big efforts delivered in 141.

Security Fixes and Rewards

Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.

This update includes 21 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.

[$25000][442444724] High CVE-2025-11205: Heap buffer overflow in WebGPU. Reported by Atte Kettunen of OUSPG on 2025-09-02

[$4000][444755026] High CVE-2025-11206: Heap buffer overflow in Video. Reported by Elias Hohl on 2025-09-12

[$5000][428189824] Medium CVE-2025-11207: Side-channel information leakage in Storage. Reported by Alesandro Ortiz on 2025-06-27

[$3000][397878997] Medium CVE-2025-11208: Inappropriate implementation in Media. Reported by Kevin Joensen on 2025-02-20

[$3000][438226517] Medium CVE-2025-11209: Inappropriate implementation in Omnibox. Reported by Hafiizh on 2025-08-13

[$3000][440523110] Medium CVE-2025-11210: Side-channel information leakage in Tab. Reported by Umar Farooq  on 2025-08-22

[$3000][441917796] Medium CVE-2025-11211: Out of bounds read in Media. Reported by Kosir Jakob on 2025-08-29

[$2000][420734141] Medium CVE-2025-11212: Inappropriate implementation in Media. Reported by Ameen Basha M K on 2025-05-28

[$1000][443408317] Medium CVE-2025-11213: Inappropriate implementation in Omnibox. Reported by Hafiizh on 2025-09-06

[N/A][439758498] Medium CVE-2025-11215: Off by one error in V8. Reported by Google Big Sleep on 2025-08-19

[$1000][419721056] Low CVE-2025-11216: Inappropriate implementation in Storage. Reported by Farras Givari on 2025-05-23

[N/A][439772737] Low CVE-2025-11219: Use after free in V8. Reported by Google Big Sleep on 2025-08-19

We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.

As usual, our ongoing internal security work was responsible for a wide range of fixes:

• [448476731] Various fixes from internal audits, fuzzing and other initiatives

Many of our security bugs are detected using AddressSanitizer, MemorySanitizer,UndefinedBehaviorSanitizer, Control Flow Integrity, libFuzzer, or AFL.

Interested in switching release channels? Find out how here. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.

Srinivas Sista

Google Chrome

Google Chrome 141.0.7390.66 update

The Stable channel has been updated to 141.0.7390.76/.77 for Windows and Mac and 141.0.7390.76 for Linux, which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log.

Interested in switching release channels? Find out how here. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.