Google has issued a critical security alert to its 3.5 billion Chrome users following the discovery of 60 new vulnerabilities. The update, released on April 7, 2026, includes two “critical” and 14 “high” severity ratings, underscoring a significant threat to browser security. Among the most concerning are CVE-2026-5858 and CVE-2026-5859, both involving WebML, Chrome’s machine learning component used for AI acceleration. These flaws include a heap buffer overflow and an integer overflow, which could allow remote attackers to execute malicious code without authentication. Security researchers were awarded over $117,000 in bounties for identifying these bugs, reflecting the potential severity of their impact.
Google warns phones are vulnerable to attack until this update is installed. https://t.co/37z1XcahdR
— Arnaud Mercier – #Entrepreneur (@arnaudmercier) April 8, 2026
While Google has begun rolling out another version to address these issues, the company noted that it could take days or even weeks for the update to reach all users automatically. Cybersecurity experts warn against “update fatigue” and strongly recommend that users manually trigger the patch. To ensure protection, users should navigate to the three-dot menu in Chrome, select Help, and then About Google Chrome. This action forces the browser to check for the update immediately. Once downloaded, a full browser restart is required to activate the security patches and safeguard personal data from potential exploitation.
You May Like To Read: Pakistan’s Peace Push Wins Global Praise
Check out our latest video:




























