Google has released the latest Chrome 140 update with several vulnerability fixes, available in Chrome versions 140.0.7339.80/81 for Windows and macOS and 140.0.7339.80 for Linux. According to Google, none of the vulnerabilities have been exploited in the wild. Other Chromium-based browsers will follow suit soon.

In the Chrome Releases blog post , Srinivas Sista lists the four of six fixed vulnerabilities that were discovered by external security researchers and reported to Google. Google categorizes one of them as high risk. The use-after-free vulnerability CVE-2025-9864 is located in the V8 JavaScript engine. The other vulnerabilities ( CVE-2025-9865 , CVE-2025-9866 , and CVE-2025-9867 ) are only considered medium risk. Google hasn’t commented on internally discovered vulnerab

See Full Page