CHROME 145 has been released to the stable channel fixing 11 vulnerabilities, with three of them rated as high-severity, according to Google. The disclosed CVEs include CVE-2026-2313, a high-severity use-after-free in CSS, which earned an $8,000 bug bounty, along with CVE-2026-2314 (heap buffer overflow in Codecs) and CVE-2026-2315 (inappropriate WebGPU implementation).
Medium-severity flaws include CVE-2026-2316 (insufficient policy enforcement in Frames) rewarded with $5,000, and CVE-2026-2317 (inappropriate implementation in Animation) with a $2,000 reward; two more medium-severity issues in PictureInPicture and File input were also addressed, with the first receiving $1,000 and the second undisclosed. Google handed out over $18,000 in total bug bounty rewards for reporting researchers.
The update is Chrome 145.0.7632.45 for Linux and 145.0.7632.45/46 for Windows and macOS, and Google notes there is no advice of exploitation in the wild, urging users to apply the patches soon. The article was published on 13 February 2026.