Google has issued an urgent security update for its Chrome browser, addressing 21 vulnerabilities, including a zero-day exploit already being used by cybercriminals. The flaw, tracked as CVE-2026-5281, is actively exploited in the wild, according to Google's latest security advisory.
The tech giant confirmed the zero-day bug in a statement: “Google is aware that an exploit for CVE-2026-5281 exists in the wild.” Details about the discovery and exploitation remain limited, but the vulnerability was reported to Google last month.
In addition to the zero-day, the update patches 20 other security issues. Google noted that access to bug details may be restricted until most users have installed the patch, and further limitations may apply if a third-party library is involved.
To stay protected, Chrome users should immediately update their browser to the latest version. The Stable channel has been updated to address the threats. To check your version, open the Chrome menu, select “About Chrome,” and if prompted to relaunch, update without delay.
Once updated, your device will be safeguarded against the newly discovered threats. Google urges all users to restart their browsers to apply the fixes.



