Stable Channel Update for ChromeOS / ChromeOS Flex

The ChromeOS Stable channel is being updated to OS version 16581.42.0 (Browser version 146.0.7680.169) for most ChromeOS devices.

If you find new issues, please let us know one of the following ways:

1. File a bug

2. Visit our ChromeOS communities

   1. General: Chromebook Help Community

   2. Beta Specific: ChromeOS Beta Help Community

3. Report an issue or send feedback on Chrome

4. Interested in switching channels? Find out how.

Luis Menezes

Google ChromeOS

Security Fixes and Rewards

ChromeOS Vulnerability Rewards Program Reported Bug Fixes:

** **

N/A

Other 3rd Party Security Fixes Included:

** **

N/A

Android Security fixes can be found here

** **

Chrome Browser Security Fixes:

** **

[$TBD] [487338366] High CVE-2026-3924 Use after free in WindowDialog. Reported by c6eed09fc8b174b0f3eebedcceb1e792 on 2026-02-25

[$TBD] [485935314] High CVE-2026-3923 Use after free in WebMIDI. Reported by c6eed09fc8b174b0f3eebedcceb1e792 on 2026-02-20

[$3000.0] [485397139] High CVE-2026-3922 Use after free in MediaStream. Reported by c6eed09fc8b174b0f3eebedcceb1e792 on 2026-02-18

[$2000.0] [484946544] High CVE-2026-3921 Use after free in TextEncoding. Reported by Pranamya Keshkamat & Cantina.xyz on 2026-02-17

[$43000.0] [483971526] High CVE-2026-3915 Heap buffer overflow in WebML. Reported by Tobias Wienand on 2026-02-12

[$10000.0] [483853103] High CVE-2026-3918 Use after free in WebMCP. Reported by Syn4pse on 2026-02-12

[$11000.0] [483569512] High CVE-2026-3917 Use after free in Agents. Reported by Syn4pse on 2026-02-11

[$33000.0] [483445078] Critical CVE-2026-3913 Heap buffer overflow in WebML. Reported by Tobias Wienand on 2026-02-10

[$36000.0] [482828615] High CVE-2026-3916 Out of bounds read in Web Speech. Reported by Grischa Hauser on 2026-02-09

[$TBD] [482875307] High CVE-2026-3920 Out of bounds memory access in WebML. Reported by Google on 2026-02-09

[$43000.0] [481776048] High CVE-2026-3914 Integer overflow in WebML. Reported by cinzinga on 2026-02-04

[$TBD] [479326680] Medium CVE-2026-3935 Incorrect security UI in WebAppInstalls. Reported by Barath Stalin K on 2026-01-28

[$TBD] [478783560] Medium CVE-2026-3934 Insufficient policy enforcement in ChromeDriver. Reported by Povcfe of Tencent Security Xuanwu Lab on 2026-01-26

[$7000.0] [478659010] Medium CVE-2026-3926 Out of bounds read in V8. Reported by qymag1c on 2026-01-26

[$2000.0] [477180001] Medium CVE-2026-3929 Side-channel information leakage in ResourceTiming. Reported by Povcfe of Tencent Security Xuanwu Lab on 2026-01-20

[$0.0] [475238879] Low CVE-2026-3942 Incorrect security UI in PictureInPicture. Reported by Barath Stalin K on 2026-01-12

[$3000.0] [474948986] Medium CVE-2026-3927 Incorrect security UI in PictureInPicture. Reported by Barath Stalin K on 2026-01-11

[$2000.0] [474763968] Low CVE-2026-3938 Insufficient policy enforcement in Clipboard. Reported by vicevirus on 2026-01-10

[$1000.0] [474670215] Low CVE-2026-3941 Insufficient policy enforcement in DevTools. Reported by Lyra Rebane (rebane2001) on 2026-01-10

[$1000.0] [470574526] Low CVE-2026-3940 Insufficient policy enforcement in DevTools. Reported by Jorian Woltjer, Mian, bug_blitzer on 2025-12-21

[$2000.0] [444176961] High CVE-2026-3919 Use after free in Extensions. Reported by Huinian Yang (@vmth6) of Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd. on 2025-09-10

[$2000.0] [435980394] Medium CVE-2026-3928 Insufficient policy enforcement in Extensions. Reported by portsniffer443 on 2025-08-03

[$3000.0] [417599694] Medium CVE-2026-3931 Heap buffer overflow in Skia. Reported by Huinian Yang (@vmth6) of Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd. on 2025-05-14

[$1000.0] [40058077] Low CVE-2026-3939 Insufficient policy enforcement in PDF. Reported by NDevTK on 2021-11-30