CHROME-2026-06-02

The Chrome team is delighted to announce the promotion of Chrome 149 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks.Chrome 149.0.7827.53 (Linux) 149.0.7827.53/54 Windows/Mac contains a number of fixes and improvements -- a list of changes is available in the log. Watch out for upcoming Chrome and Chromium blog posts about new features and big efforts delivered in 149.Security Fixes and RewardsNote: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.This update includes 429 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information. Critical CVE-2026-10881: Out of bounds read and write in ANGLE. Reported by Anonymous on 2026-04-02 Critical CVE-2026-10882: Use after free in Network. Reported by c6eed09fc8b174b0f3eebedcceb1e792 on 2026-04-17 Critical CVE-2026-10883: Out of bounds write in ANGLE. Reported by Maher Azzouzi on 2026-04-17 Critical CVE-2026-10884: Use after free in Chromecast. Reported by Google on 2026-04-17 Critical CVE-2026-10885: Use after free in Chrome for iOS. Reported by Google on 2026-04-18 Critical CVE-2026-10886: Use after free in FileSystem. Reported by Andrew Boni on 2026-04-21 Critical CVE-2026-10887: Use after free in Chromoting. Reported by Google on 2026-04-22 Critical CVE-2026-10888: Use after free in Cast Streaming. Reported by Google on 2026-04-23 Critical CVE-2026-10889: Out of bounds read in ANGLE. Reported by Google on 2026-05-14 Critical CVE-2026-10890: Use after free in Cast. Reported by Google on 2026-05-14 Critical CVE-2026-10891: Use after free in GFX. Reported by Google on 2026-05-14 Critical CVE-2026-10892: Out of bounds write in GPU. Reported by Google on 2026-05-14 Critical CVE-2026-10893: Use after...