Tech
Google Chrome 149 Update Fixes 429 security Flaws, Including 22 Critical Vulnerabilities -The Most Ever In One Update
Representational Images (Image Credit: Getty Images)
Hyderabad: Google has released Chrome version 149, its largest security update to date, patching a total of 429 vulnerabilities across the browser. The update is available as version 149.0.7827.53/54 for Windows and macOS, and 149.0.7827.53 for Linux. Chrome 149.0.7827.59 has also been released for Android, while iOS users received version 149.0.7827.45 the previous week.
Google has confirmed that none of the vulnerabilities addressed in this update has been actively exploited, but strongly advises all users to install the update immediately. Chrome typically updates automatically, though users can verify their version manually by navigating to Settings and selecting About Google Chrome.
Record number of Bugs fixed
Out of the 429 security flaws addressed, 371 were identified internally by Google’s own security team using a combination of manual testing and AI-assisted tools. The remaining vulnerabilities were reported by external security researchers, for whom Google has paid out a total of $209,000 in bug bounty rewards so far.
The 429 fixes represent the highest number of vulnerabilities patched in a single Chrome update to date.
22 critical vulnerabilities
The most serious flaws in the update are 22 vulnerabilities classified as critical, ranging from CVE-2026-10881 to CVE-2026-10902. The majority are Use-After-Free (UAF) vulnerabilities, several of which were found in the WebGL library Angle. Beyond the critical tier, the update addresses 87 high-risk vulnerabilities, 226 classified as medium risk, and 94 in the low-risk category.
Across all severity levels, Use-After-Free vulnerabilities are the most prevalent at 110, followed by Input Validation flaws at 88 and Inappropriate Implementation issues at 60.
Chrome gets PDF editing capabilities
Alongside the security fixes, Chrome 149 brings meaningful improvements to the browser’s built-in PDF viewer. Users can now annotate and sign PDF documents directly within Chrome, a functionality that has been available in Firefox for some time. The inclusion of this functionality signals Google’s intent to evolve Chrome’s PDF viewer into a more fully featured, lightweight PDF editor without requiring third-party tools.
A small number of other features — including a vertical tab arrangement option and a full-window Reading Mode — have not yet been rolled out to all users. Chrome 150 is expected to arrive in late June 2026.