Google Chrome’s latest security update patches high-severity flaw exploited by hackers: Here’s what we know

Google recently released security updates for its Chrome browser to address a high-severity vulnerability that is being actively exploited in the wild, the company confirmed. The high-severity flaw, tracked as CVE-2026-2441 with a CVSS score of 8.8, is a use-after-free bug in CSS that allows a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. This means that, due to this bug, hackers can trick Chrome into running harmful code just by making someone open a specially designed web page. This could let the attacker take control of parts of the browser, even though Chrome has safety protections in place. Security researcher Shaheen Fazim discovered and reported the vulnerability on February 11, 2026.