Google Chrome Issues Patch for 21 Security Vulnerabilities

The Chrome team has promoted Chrome 141 to the stable channel for Windows, macOS, and Linux. Over the coming days and weeks, users will receive automatic updates bringing them to Chrome 141.0.7390.54 on Linux and Chrome 141.0.7390.54/55 on Windows and macOS.

This release includes numerous bug fixes, performance improvements, and, critically, patches for 21 security vulnerabilities.

Detailed change logs are available on the Chromium source log, and upcoming posts on the Chrome and Chromium blogs will highlight new features and engineering efforts delivered in version 141.

Chrome 141 delivers crucial patches for a broad spectrum of security issues, ranging from high‐severity heap buffer overflows to low‐severity implementation vulnerabilities.

Access to details for some bugs remains restricted until most users have updated; this policy helps prevent exploitation of vulnerabilities before patches reach end users.

Notably, the release includes contributions from external researchers who earned substantial rewards for responsible disclosure:

  • CVE-2025-11205 (High, Heap buffer overflow in WebGPU) – $25,000 awarded to Atte Kettunen (OUSPG).
  • CVE-2025-11206 (High, Heap buffer overflow in Video) – $4,000 awarded to Elias Hohl.
  • CVE-2025-11207 (Medium, Side-channel information leakage in Storage) – $5,000 awarded to Alesandro Ortiz.
  • CVE-2025-11208 (Medium, Inappropriate implementation in Media) – $3,000 awarded to Kevin Joensen.
  • CVE-2025-11209 (Medium, Inappropriate implementation in Omnibox) – $3,000 awarded to Hafiizh.
  • CVE-2025-11210 (Medium, Side-channel information leakage in Tab) – $3,000 awarded to Umar Farooq.
  • CVE-2025-11211 (Medium, Out-of-bounds read in Media) – $3,000 awarded to Kosir Jakob.
  • CVE-2025-11212 (Medium, Inappropriate implementation in Media) – $2,000 awarded to Ameen Basha M K.
  • CVE-2025-11213 (Medium, Inappropriate implementation in Omnibox) – $1,000 awarded to Hafiizh.
  • CVE-2025-11215 (Medium, Off-by-one error in V8) – No reward (Google Big Sleep).
  • CVE-2025-11216 (Low, Inappropriate implementation in Storage) – $1,000 awarded to Farras Givari.
  • CVE-2025-11219 (Low, Use-after-free in V8) – No reward (Google Big Sleep).

In total, 21 security fixes are included in this update. The Chrome Security Page provides a comprehensive overview of all addressed vulnerabilities.

In addition to externally reported issues, Chrome 141 features numerous fixes arising from Google’s internal security audits, continuous fuzzing campaigns, and other quality‐assurance initiatives.

Issue 448476731 tracks a variety of internal security improvements that collectively bolster the browser’s resilience against emerging threats.

What’s New in Chrome 141

Beyond hardening security, Chrome 141 brings under-the-hood improvements and developer‐focused enhancements. Performance optimizations reduce page‐load latency, memory usage improvements enhance stability on lower‐powered devices, and updated Web APIs expand the toolkit available to web developers. Detailed lists of bug fixes, feature updates, and API changes can be found in the Chromium source log.

  • Stable Rollout: Phased deployment across Windows, macOS, and Linux over the next few weeks.
  • Automatic Update: Users on existing stable and beta channels will receive the update automatically.
  • Manual Update: To speed adoption, navigate to Settings → About Chrome and click “Check for updates”.

Users are urged to install Chrome 141 as soon as it becomes available to benefit from the latest security patches. Administrators managing deployments in enterprise environments should test the new version in controlled settings before widespread rollout.

The Chrome team extends gratitude to all security researchers and contributors who responsibly disclosed vulnerabilities during this development cycle.

Their efforts, combined with Google’s internal security work, ensure that Chrome remains at the forefront of browser security and reliability.

Stay tuned for forthcoming blog posts on the Chrome and Chromium sites, where deeper dives into new features and engineering achievements in Chrome 141 will be shared.

Follow us on Google NewsLinkedIn, and X to Get Instant Updates and Set GBH as a Preferred Source in Google.

Mayura
Mayura
Mayura Kathir is a cybersecurity reporter at GBHackers News, covering daily incidents including data breaches, malware attacks, cybercrime, vulnerabilities, zero-day exploits, and more.

Recent Articles

Related Stories

LEAVE A REPLY

Please enter your comment!
Please enter your name here