Chrome for Android Update

 Hi, everyone! We've just released Chrome 144 (144.0.7559.109) for Android. It'll become available on Google Play over the next few days. 

This release includes stability and performance improvements. You can see a full list of the changes in the Git log. If you find a new issue, please let us know by filing a bug.


Android releases contain the same security fixes as their corresponding Desktop releases (Windows & Mac: 144.0.7559.109/.110, Linux: 144.0.7559.109) unless otherwise noted.


Harry Souders
Google Chrome

Stable Channel Update for ChromeOS / ChromeOS Flex

The ChromeOS Stable channel is being updated to OS version 16503.60.0 (Browser version 144.0.7559.108) for most ChromeOS devices.

If you find new issues, please let us know one of the following ways:
  1. File a bug

  2. Visit our ChromeOS communities

    1. General: Chromebook Help Community

    2. Beta Specific: ChromeOS Beta Help Community

  3. Report an issue or send feedback on Chrome

  4. Interested in switching channels? Find out how.

Alon Bajayo

Google ChromeOS


ChromeOS Vulnerability Rewards Program Reported Bug Fixes:


N/A

Other 3rd Party Security Fixes Included:


  • Medium Fixes CVE-2025-6349 Mali GPU Kernel Driver allows improper GPU memory processing operations
  • Low Fixes CVE-2024-58093 Use After Free vulnerability in Linux kernel PCI/ASPM link state handling
  • High Fixes CVE-2025-6349 Use After Free vulnerability in Mali GPU CSF queue handling.
  • Low Fixes CVE-2024-58093 Use After Free vulnerability in Linux kernel PCI/ASPM link state handling.
  • Medium Fixes CVE-2025-21871 System Hang (Denial of Service) vulnerability in OP-TEE RPC processing.
  • Low Fixes CVE-2025-21992 System Hang (Denial of Service) vulnerability in the HID Sensor Hub via the HP 5MP Camera interface.CVE-2023-53865
  • Low Fixes CVE-2025-21765 information Leak (Race Condition) vulnerability in the Linux IPv6 stack.
  • Low Fixes CVE-2025-21781 Memory Safety (Crash) vulnerability in the Batman-adv networking module
  • Low Fixes CVE-2024-58051 Memory Safety (NULL pointer dereference) vulnerability in the IPMI/IPMB driver.
  • Low Fixes CVE-2025-21823 Potential invalid memory access (UAF) vulnerability in the Batman-adv networking module.
  • Low Fixes CVE-2024-58014 Out-of-bounds Access vulnerability in the Broadcom Wi-Fi driver (brcmsmac).
  • Low Fixes CVE-2024-58009 Memory Safety (NULL pointer dereference) vulnerability in the Bluetooth L2CAP layer.
  • Low Fixes CVE-2023-53731 Kernel Deadlock (IRQ lock inversion) vulnerability in the Netlink interface.
  • Low Fixes CVE-2023-53725 Memory Leak vulnerability in the Cadence TTC clocksource driver.
  • Low Fixes CVE-2024-58093 Use After Free vulnerability in Linux kernel PCI/ASPM link state handling.
  • Medium Fixes CVE-2024-36342 Improper input validation in the GPU driver could allow an attacker to exploit a heap overflow potentially resulting in arbitrary code execution.
  • High Fixes CVE-2024-36325 Arbitrary writes to SOC registers via AMDGPU VCN JPEG command processor


Android Security fixes can be found here


Chrome Browser Security Fixes:


  • [$4000.0] [469143679] Medium CVE-2026-0902 inappropriate implementation in V8. Reported by 303f06e3 on 2025-12-16
  • [$TBD] [465730465] High CVE-2026-0900 Inappropriate implementation in V8. Reported by Google on 2025-12-03
  • [$TBD] [465466773] Medium CVE-2026-0905 Insufficient policy enforcement in Network. Reported by Google on 2025-12-02
  • [$8000.0] [458914193] High CVE-2026-0899 Out of bounds memory access in V8. Reported by @p1nky4745 on 2025-11-08
  • [$TBD] [452209503] Low CVE-2026-0908 Use after free in ANGLE. Reported by Glitchers BoB 14th. on 2025-10-15
  • [$1000.0] [452209495] Medium CVE-2026-0904 Incorrect security UI in Digital Credentials. Reported by Hafiizh on 2025-10-15
  • [$500.0] [444653104] Low CVE-2026-0907 Incorrect security UI in Split View. Reported by Hafiizh on 2025-09-12



Stable Channel Update for Desktop

The Stable channel has been updated to 144.0.7559.109/.110 for Windows/Mac  and 144.0.7559.109 for Linux, which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log.

Security Fixes and Rewards

Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.


This update includes 1 security fix. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.


[$3000][474435504] High CVE-2026-1504: Inappropriate implementation in Background Fetch API. Reported by Luan Herrera (@lbherrera_) on 2026-01-09

We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.

Many of our security bugs are detected using AddressSanitizer, MemorySanitizer, UndefinedBehaviorSanitizer, Control Flow Integrity, libFuzzer, or AFL.

Interested in switching release channels? Find out how here. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.


Srinivas Sista
Google Chrome