By Eduard Kovacs
Publication Date: 2026-02-16 07:54:00
Google released an emergency Chrome update on Friday to patch a zero-day vulnerability that has been exploited in the wild.
Chrome 145.0.7632.75/76 for Windows/Mac and 144.0.7559.75 for Linux fix CVE-2026-2441, described as a high-severity use-after-free vulnerability in the browser’s CSS component.
“Google is aware that an exploit for CVE-2026-2441 exists in the wild,” Google said in its advisory.
Google has credited researcher Shaheen Fazim for reporting the vulnerability. The actively exploited flaw was disclosed to the vendor on February 11, only two days before it was patched.
Fazim was credited by Google last year for responsibly disclosing several high-severity Chrome vulnerabilities.
A bug bounty reward for CVE-2026-2441 has not yet been determined. Some of his previous reports earned the researcher $7,000 and $8,000.
There appears to be no public information about attacks exploiting CVE-2026-2441….
