Threat Advisory

Google Chrome Security Update Fixes 27 Vulnerabilities

Threat: Vulnerability
Targeted Region: Global
Targeted Sector: Technology & IT
Criticality: Critical
[subscribe_to_unlock_form]

EXECUTIVE SUMMARY:

Multiple security vulnerabilities have been identified in Chrome, with a total of 27 flaws fixed across the desktop browser. Two critical use-after-free bugs were found in Ozone and Views components. The affected versions include any build before 150.0.7871.114.

CVE-2026-48908— JoomShaper SP Page Builder Unrestricted Upload of File with Dangerous Type Vulnerability →[/subscribe_to_unlock_form]

EXECUTIVE SUMMARY:

Multiple security vulnerabilities have been identified in Chrome, with a total of 27 flaws fixed across the desktop browser. Two critical use-after-free bugs were found in Ozone and Views components. The affected versions include any build before 150.0.7871.114.

CVE-2026-48908— JoomShaper SP Page Builder Unrestricted Upload of File with Dangerous Type Vulnerability →[emaillocker id="1283"]

CVE-2026-55255— Langflow Authorization Bypass Through User-Controlled Key Vulnerability →

CVE-2026-56290— Joomlack Page Builder Improper Access Control Vulnerability →

CVE-2026-48282— Adobe ColdFusion Path Traversal Vulnerability → These vulnerabilities collectively present a significant risk to Chrome users, particularly those who have not updated their browser. Administrators should prioritize patching as soon as possible to minimize exposure.

CVE-2026-15112 (CVSS 9.8 — Critical): A use-after-free bug was discovered in the Ozone component, which could be exploited by a malicious web page to corrupt memory and potentially run code inside the browser.

CVE-2026-15129 (CVSS 9.8 — Critical): Another use-after-free bug was found in the Views component, posing a similar risk of memory corruption and code execution.

RECOMMENDATION:

We recommend you to update chrome to versions 150.0.7871.114/.115 for Windows and Mac and 150.0.7871.114 for Linux.

REFERENCES:

The following reports contain further technical details:

[/emaillocker]
crossmenu