Chrome 141 Stable Released: Fixes High-Severity WebGPU and Video Heap Overflow Flaws

Google has released the stable version of Chrome 141.0.7390.54/55 for Windows, macOS, and Linux. The update will roll out over the coming days and weeks, addressing 21 security vulnerabilities of varying severity — including high, medium, and low-risk flaws. Developers strongly urge users to update their browsers as soon as possible to minimize the risk of exploitation.

The two most critical issues are heap overflows in the WebGPU and Video components, both rated as high severity on the CVSS scale. In addition, the release resolves multiple medium-risk vulnerabilities, ranging from information leaks via side channels and out-of-bounds memory access to flawed implementations in specific modules. Fixes have been applied to Storage, Media, Omnibox, Tab, and the V8 engine. Several less critical bugs were also closed, including use-after-free errors and incorrect logic within Storage and V8.

Many of these flaws were discovered by external security researchers employing advanced techniques such as fuzzing, AddressSanitizer, MemorySanitizer, UndefinedBehaviorSanitizer, Control Flow Integrity, libFuzzer, and AFL. Google rewarded their findings through its vulnerability bounty program: the highest payout of $25,000 was granted for the WebGPU heap overflow (CVE-2025-11205), while an additional $4,000 went to the researcher who uncovered a similar flaw in Video (CVE-2025-11206).

For the side-channel data leak in Storage (CVE-2025-11207), a researcher was awarded $5,000. Fixes in Media (CVE-2025-11208, CVE-2025-11211, CVE-2025-11212), Omnibox (CVE-2025-11209, CVE-2025-11213), and Tab (CVE-2025-11210) were also accompanied by payouts ranging from $1,000 to $3,000. Within the V8 engine, both an off-by-one error (CVE-2025-11215) and a use-after-free flaw (CVE-2025-11219) were patched, though some did not result in monetary rewards.

Beyond external contributions, the Chrome security team itself resolved a number of issues uncovered during internal audits and automated testing. These corrections further harden the browser against exploits targeting memory corruption or covert data exfiltration.

To install the update, users need only open the menu in the top-right corner of Chrome, navigate to Help → About Google Chrome, and allow the browser to automatically download version 141. Once restarted, the patch will be active. Official Chrome and Chromium blogs will soon publish detailed notes highlighting new features and improvements in this release.

Keeping Chrome updated to the latest version remains a critical defense against modern threats, and users are strongly advised not to postpone installation.

Support Our Threat Intelligence

If you find our technology report and cybersecurity news helpful, consider supporting our work.

Buy Me a Coffee PayPal Crypto

USDT (TRC20):

TN8BdV8cp4T1Cd28gK9qTAnZknzzuwyUtm Copy

USDT (ERC20):

0x3725e1a7d3bc5765499fa6aaafe307fabcd75bce Copy