Chrome Update Fixes High-Severity Security Flaw (CVE-2025-4096) - #CVE-2025-4050
Google has released Chrome version 136 for Windows, Mac, and Linux, addressing eight security vulnerabilities. The most critical issue, CVE-2025-4096, is a high-severity heap buffer overflow in Chrome's HTML rendering engine that could allow arbitrary code execution. This vulnerability, discovered anonymously, earned a $5000 bounty. Other addressed flaws include medium and low severity issues in DevTools. Users are strongly advised to update their browsers immediately to mitigate potential risks. Chrome typically applies updates automatically, but users can manually check for updates if needed. Google is maintaining restricted access to bug details until the majority of users have been protected, with potential further limitations if shared third-party libraries are affected.