Google has released Chrome 145.0.7632.75/76 for Windows and Mac, and 144.0.7559.75 for Linux to address a critical zero-day vulnerability. CVE-2026-2441 is a high-severity use-after-free flaw in the browser's CSS engine that is already being exploited in the wild. The security update was prompted by researcher Shaheen Fazim's report on February 11, 2026.

Use-after-free vulnerabilities occur when a program continues to use memory after it has been freed, potentially allowing attackers to execute arbitrary code. Google's security team confirmed active exploitation of this CSS-related bug, making immediate patching essential for all Chrome users. The company restricted detailed bug information until most users have installed the fix.

This marks the second actively exploited zero-day patched in Chrome this year, following Google's established pattern of rapid response to in-the-wild threats. The vulnerability affects the stable channel across all major desktop platforms. Users should verify their Chrome installation is updated to the latest version to protect against potential attacks targeting this CSS engine flaw.