Google has officially promoted Chrome 146 to the stable channel for Windows, Mac, and Linux, kicking off a global rollout that will reach users over the coming days and weeks. While the update brings various “fixes and improvements” to the world’s most popular browser, the real headline lies in its massive security overhaul.
The release of versions 146.0.7680.71 (Linux) and 146.0.7680.71/72 (Windows and Mac) addresses a total of 29 security vulnerabilities, several of which carried high-stakes rewards for the researchers who discovered them.
At the top of the pile is a Critical-severity flaw, CVE-2026-3913. Identified as a heap buffer overflow within the WebML component, the bug was reported by researcher Tobias Wienand. The discovery earned Wienand a staggering $33,000 bounty, underscoring the potential danger the vulnerability posed to memory safety.
Beyond the critical alert, Chrome 146 squashes a swarm of high-severity bugs, many of which also center on WebML and on memory management issues like “Use after free” (UAF).
Notable high-severity fixes include:
- CVE-2026-3914 & CVE-2026-3915: An integer overflow and another heap buffer overflow in WebML, resulting in a combined $86,000 in rewards for researchers.
- CVE-2026-3916: An out-of-bounds read in Web Speech ($36,000).
- CVE-2026-3917 through CVE-2026-3924: A series of “Use after free” vulnerabilities impacting everything from Extensions and MediaStream to WebMIDI and WindowDialog.
The update also targets several “Medium” and “Low” severity issues that, while less likely to lead to remote code execution, could still compromise user safety through deceptive interfaces. These include incorrect security UI in LookalikeChecks, Picture-in-Picture mode, and WebApp installs, as well as insufficient policy enforcement in the PDF viewer and Clipboard.
In line with standard security protocols, Google is keeping the lid on specific technical details for many of these bugs. The team noted: “Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.”
To protect against these 29 vulnerabilities, especially the critical WebML overflow, users are encouraged to update their browsers immediately. You can check your version by navigating to Help > About Google Chrome in your browser menu. If an update is available, Chrome will download it automatically and prompt you to relaunch.
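For administrators checking many machines rather than one browser menu, the following added example (not from Google or the original article) compares reported Chrome versions against the fixed build 146.0.7680.71 named above. The inventory format, host names and sample version strings are constructed for illustration.

```python
import re

# Fixed build from the article. Windows and Mac ship as .71/.72, so .71 is the floor.
FIXED = {
    "linux": (146, 0, 7680, 71),
    "windows": (146, 0, 7680, 71),
    "mac": (146, 0, 7680, 71),
}

VERSION_RE = re.compile(r"\b(\d+)\.(\d+)\.(\d+)\.(\d+)\b")

def parse_version(text):
    """Return the four-part version found in text as a tuple of ints, or None."""
    m = VERSION_RE.search(text)
    return tuple(int(p) for p in m.groups()) if m else None

def classify(platform, version_text):
    """Compare numerically: as strings, '146.0.7680.9' would sort above '146.0.7680.71'."""
    floor = FIXED.get(platform.lower())
    version = parse_version(version_text)
    if floor is None or version is None:
        return "unknown"  # never report an unparsed host as patched
    return "patched" if version >= floor else "needs-update"

def audit(inventory_lines):
    """Map host -> status for lines of the assumed form 'host,platform,version string'."""
    results = {}
    for line in inventory_lines:
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        parts = [field.strip() for field in line.split(",", 2)]
        if len(parts) != 3:
            results[line] = "unknown"
            continue
        host, platform, version_text = parts
        results[host] = classify(platform, version_text)
    return results

# Constructed sample inventory (hosts and the pre-146 version are made up).
SAMPLE = """\
# host,platform,reported version
ws-01,windows,Google Chrome 146.0.7680.72
ws-02,mac,Google Chrome 146.0.7680.9
ws-03,linux,Google Chrome 145.0.7000.10
ws-04,linux,version unavailable
""".splitlines()

if __name__ == "__main__":
    for host, status in audit(SAMPLE).items():
        print(f"{host}: {status}")
```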