Long Term Support Channel Update for ChromeOS

A new LTS-138 version 138.0.7204.310 (Platform Version: 16295.95.0), is being rolled out for most ChromeOS devices. This version includes selected security fixes including: 490118036 Medium CVE-2026-5291 Inappropriate implementation in WebGL. 491516670 High CVE-2026-4679 Integer overflow in Fonts. Reported by GF, 487117772 High CVE-2026-4449 Use after free in Blink. 488188166 High CVE-2026-4674 Out of bounds read in CSS. 484751092 High CVE-2026-4442 Heap buffer overflow in CSS. 487768779 High CVE-2026-4451 Insufficient validation of untrusted input in Navigation. 492213293 Medium CVE-2026-5292 Out of bounds read in WebCodecs. 491655161 Medium CVE-2026-5282 Out of bounds read in WebCodecs. 485397139 High CVE-2026-3922 Use after free in MediaStream. 491515787 High CVE-2026-5280 Use after free in WebCodecs. 489619753 High CVE-2026-4458 Use after free in Extensions. 485935314 High CVE-2026-3923 Use after free in WebMIDI. 491080830 Medium CVE-2026-4462 Out of bounds read in Blink. 488585488 High CVE-2026-4454 Use after free in Network. 488270257 High CVE-2026-4675 Heap buffer overflow in WebGL. And also: CVE-2025-37752, CVE-2025-37756, CVE-2025-37797, CVE-2025-37890, CVE-2025-37997, CVE-2025-38000, CVE-2025-38001, CVE-2025-38083, CVE-2025-38177, CVE-2025-38350, CVE-2025-38477, CVE-2025-38616, CVE-2025-38617, CVE-2025-38618 Release notes for LTS-138 can be found here Want to know more about Long-term Support? Click here Andy Wu Google ChromeOS