Notebookcheck Logo

Chrome 145 update fixes critical CVE-2026-2441 zero-day vulnerability

Google Chrome is at the center of a critical security rollout following the discovery of CVE-2026-2441, an
ⓘ Google.com
Google Chrome is at the center of a critical security rollout following the discovery of CVE-2026-2441, an "in-the-wild" exploit affecting the Chromium CSS component
Google has released an emergency security update for Chrome Desktop to address CVE-2026-2441, a high-severity use-after-free vulnerability in the browser's CSS component.
Security Software

Google’s latest Chrome Desktop Stable update is still rolling out this week, and it’s one that users may want to prioritize. In its February 13 release note, Google said it is aware of an exploit “in the wild” for CVE-2026-2441, a High-severity use-after-free bug in CSS.

Since Chrome’s core engine is shared across many browsers, the same CVE also appears in downstream updates. Opera’s Stable update on February 14 lists CVE-2026-2441 as a security fix, and Vivaldi’s latest 7.8 minor update also flags the same vulnerability, explicitly noting a known exploit in the wild.

What CVE-2026-2441 is and what’s confirmed so far

NIST’s National Vulnerability Database (NVD) describes CVE-2026-2441 as a use-after-free issue in Chrome’s CSS handling that could allow a remote attacker to execute arbitrary code inside the browser sandbox via a crafted HTML page.

Google’s Chrome Releases post credits Shaheen Fazim with reporting the issue on February 11, 2026, and notes that access to bug details may remain restricted until most users are updated—standard practice for actively exploited bugs.

Versions that include the fix

Google says Chrome Desktop Stable has been updated to 145.0.7632.75/76 for Windows and macOS, and 144.0.7559.75 for Linux, with the rollout happening over “the coming days/weeks.”

Opera’s Stable channel update dated February 14, 2026, lists CVE-2026-2441 in its security highlights for Opera version 127.0.5778.64.

Vivaldi’s “Minor update (2) for Vivaldi Desktop Browser 7.8” says it updated to Chromium 144 ESR (144.0.7559.175) and that this build includes the fix for CVE-2026-2441, also noting a known exploit in the wild.

What to do if you haven’t received it yet

If you’re on Chrome, the fastest way to verify your status is to open the “About” page and confirm you’re on the patched build (then relaunch when prompted). Because Google’s rollout can be staged, two systems checked on the same day can still be on different point releases until the update wave completes.

For Opera and Vivaldi, the safest approach is the same: check the browser’s built-in update/About section and make sure you’re on the versions listed above (or newer), then restart the browser to ensure the patched code is actually loaded.

Please share our article, every link counts!
Mail Logo
Google Logo Add as a preferred
source on Google
static version load dynamic
Loading Comments
Comment on this article

Related Articles

> Expert Reviews and News on Laptops, Smartphones and Tech Innovations > News > News Archive > Newsarchive 2026 02 > Chrome 145 update fixes critical CVE-2026-2441 zero-day vulnerability
Darryl Linington, 2026-02-17 (Update: 2026-02-17)