A new LTS-144 version 144.0.7559.256(Platform Version: 16503.88.0), is being rolled out for most ChromeOS devices.
This version includes selected security fixes including:
|
519258799
|
High
|
CVE-2026-12034
|
Insufficient validation of untrusted input
|
|
499449324
|
High
|
CVE-2026-7922
|
Use after free in ServiceWorker
|
|
523677844
|
Critical
|
CVE-2026-13033
|
Out of bounds read in Blink>InterestGroups
|
|
506653647
|
High
|
CVE-2026-9970
|
Use after free in WebGL
|
|
511765713
|
High
|
CVE-2026-10969
|
Insufficient validation of untrusted input in Extensions
|
|
513609324
|
High
|
CVE-2026-10003
|
Use after free in Views
|
|
501575979
|
High
|
CVE-2026-9933
|
Use after free in Input
|
|
513208588
|
High
|
CVE-2026-9993
|
Use after free in Views
|
|
504710769
|
High
|
CVE-2026-9961
|
Use after free in SurfaceCapture
|
|
513256572
|
High
|
CVE-2026-9995
|
Use after free in WebXR
|
|
519728275
|
Critical
|
CVE-2026-12439
|
Use after free in Digital Credentials
|
|
487357841
|
High
|
CVE-2026-10905
|
Use after free in Network on Android)
|
|
502978647
|
High
|
CVE-2026-8557
|
Use after free in Accessibility
|
|
498783665
|
High
|
CVE-2026-9903
|
Insufficient validation of untrusted input in Site Isolation
|
|
493957495
|
Medium
|
CVE-2026-7339
|
Heap buffer overflow in WebRTC
|
|
504629701
|
High
|
CVE-2026-8559
|
Integer overflow in Internationalization
|
|
499891888
|
High
|
CVE-2026-6920
|
Out of bounds read in GPU
|
|
499565267
|
High
|
CVE-2026-8524
|
Out of bounds write in WebAudio
|
|
513754619
|
High
|
CVE-2026-10007
|
Use after free in SVG
|
|
516942828
|
Critical
|
CVE-2026-12008
|
Use after free
|
|
519731619
|
Critical
|
CVE-2026-12440
|
Use after free in DigitalCredentials
|
|
497880137
|
High
|
CVE-2026-6360
|
Use after free in FileSystem
|
|
520157118
|
Critical
|
CVE-2026-12441
|
Use after free in File Input
|
|
500104917
|
High
|
CVE-2026-7348
|
Use after free in Codecs
|
Release notes for LTS-144 can be found here
Want to know more about Long-term Support? Click here
Andy Wu
Google Chrome OS