Chrome 0-Day Vulnerability Actively Exploited by Attackers in the Wild

Google has urgently patched a high-severity zero-day vulnerability in Chrome, confirming active exploitation in the wild. Tracked as CVE-2026-2441, the flaw is a use-after-free bug in the browser’s CSS handling, reported by independent researcher Shaheen Fazim just five days ago on February 11, 2026.

The company disclosed the issue alongside its latest Stable channel update, emphasizing that an exploit exists and urging users to update immediately to mitigate risks.

Chrome versions prior to the patches remain exposed to remote code execution attacks, where attackers could leverage the memory corruption to execute arbitrary code via malicious web content.

Use-after-free vulnerabilities like this one often stem from improper object lifecycle management in rendering engines, allowing freed memory to be accessed post-deallocation.

Attackers in the wild have weaponized CVE-2026-2441, likely chaining it with other primitives for sandbox escape and privilege escalation on Windows, macOS, and Linux systems. Google restricted full bug details until most users update, adhering to its policy for actively exploited flaws.

Vulnerability and Patch Details

The security fix addresses a single high-severity issue in this release cycle.

CVE ID	CVSS Score	Description
CVE-2026-2441	High (TBD)	Use after free in CSS

Patched versions rolled out as follows:

Platform	Patched Versions
Windows	145.0.7632.75/.76
macOS	145.0.7632.75/.76
Linux	144.0.7559.75

Users should apply updates via Chrome’s built-in updater or enterprise management tools.

The rollout occurs gradually over days or weeks; auto-updates are enabled by default, but manual checks are recommended for high-risk environments.

Organizations should prioritize patching Chrome deployments, scan for indicators of compromise like anomalous network traffic to Google domains, and monitor CISA’s Known Exploited Vulnerabilities catalog for federal advisories.

This marks another CSS-related zero-day in Chrome’s history, underscoring persistent challenges in rendering engine security amid rising nation-state and financially motivated attacks targeting browsers.

No specific IOCs are public yet, but threat actors may distribute exploits via phishing or compromised sites. Security teams can reference the Chrome release log and Chromium security page for ongoing updates.

Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories.

The post Chrome 0-Day Vulnerability Actively Exploited by Attackers in the Wild appeared first on Cyber Security News.