Google has released updates to patch three critical security vulnerabilities in its Chrome browser. One of these flaws, Chromium issue 466192044, has already been actively exploited in attacks, according to Security Affairs. This high-severity issue stems from the ANGLE graphics library, where incorrect buffer size calculations in the Metal renderer could lead to memory errors, crashes, or potential code execution by attackers. Google acknowledges the existence of an exploit in the wild and has issued an advisory. Additionally, two medium-severity issues were addressed: a use-after-free bug in the Password Manager (tracked as CVE-2025-14372) and an improper Toolbar implementation vulnerability (tracked as CVE-2025-14373). Earlier this year, Google tackled seven other Chrome zero-days, including type confusion bugs in the V8 engine, input-validation issues in ANGLE and GPU, and an out-of-bounds V8 problem (tracked as CVE-2025-5419 and CVE-2025-4664), which could enable account takeovers. Chrome Stable has been updated to versions 143.0.7499.109/.110 across major platforms.
