What is the CVE-2026-0628 vulnerability in Google Chrome?

CVE-2026-0628 is a high-risk vulnerability in Chrome's WebView component caused by insufficient policy enforcement, which could allow unauthorized content loading.

How can I update Google Chrome to the latest secure version?

You can manually update Chrome by going to Help > About Google Chrome, or wait for the automatic update to install.

Are other browsers like Edge and Brave affected by this Chrome vulnerability?

Yes, other Chromium-based browsers like Microsoft Edge and Brave also require updates to address similar vulnerabilities.

Home / Technology / High-Risk Flaw in Chrome Fixed by Google

High-Risk Flaw in Chrome Fixed by Google

7 Jan

•

Summary

Google patched a high-risk WebView vulnerability (CVE-2026-0628) in Chrome 143.
The vulnerability, caused by insufficient policy enforcement, has not been exploited yet.
Users of Chrome, Edge, Brave, Vivaldi, and Opera should update their browsers.

High-Risk Flaw in Chrome Fixed by Google

Google has swiftly addressed a critical security vulnerability in its latest Chrome releases, versions 143.0.7499.192/193 for Windows and macOS, and 143.0.7499.192 for Linux. The vulnerability, cataloged as CVE-2026-0628, poses a high risk and resides within the WebView component, reportedly due to inadequate enforcement of security rules. While the vulnerability has not been observed in active attacks, users are urged to update promptly.

Manual updates for Chrome can be initiated via the 'Help' > 'About Google Chrome' menu, though automatic updates are generally active. The Android version of Chrome has also received the same security fixes. Meanwhile, the Extended Stable Channel for Windows and macOS now includes Chromium version 142.0.7499.265. Looking ahead, Chrome 144 is slated for release on January 13th, 2026.