Google-Chrome

Cybersecurity researchers have revealed details about a critical vulnerability already patched in Google Chrome that could have allowed attackers to elevate privileges and gain access to local files on the victim’s system. The vulnerability, tracked as CVE-2026-0628 and with a CVSS score of 8.8, was described as insufficient policy enforcement in the WebView tag. Google patched it in early January 2026 in version 143.0.7499.192/.193 for Windows/Mac and 143.0.7499.192 for Linux. ...

Google released a security update for Chrome on December 10, patching three new vulnerabilities, including a high-severity one that is being actively exploited in the wild. This vulnerability represents the eighth Chrome zero-day exploited in 2025. The High Severity Zero-Day Vulnerability Google has issued a security advisory to address a high severity zero-day vulnerability. At the time of publication, Google has not assigned a CVE (Common Vulnerabilities and Exposures) to this flaw. Instead, it is referenced by Google’s internal tracking ID, 466192044. ...