Google on Wednesday shipped security updates for its Chrome browser to address three security flaws, including one it said has come under active exploitation in the wild.
The vulnerability, rated high in severity, is being tracked under the Chromium issue tracker ID “466192044.” Unlike other disclosures, Google has opted to keep information about the CVE identifier, the affected component, and the nature of the flaw under wraps.
However, a GitHub commit for the Chromium bug ID has revealed that the issue resides in Google’s open-source Almost Native Graphics Layer Engine (ANGLE) library, with the commit message stating “Metal: Don’t use pixelsDepthPitch to size buffers. pixelsDepthPitch is based on GL_UNPACK_IMAGE_HEIGHT, which can be smaller than the image height.”
This indicates the problem is likely a buffer overflow vulnerability in ANGLE’s Metal renderer triggered by improper buffer sizing, which could lead to memory corruption, program crashes, or arbitrary code execution.
“Google is aware that an exploit for 466192044 exists in the wild,” the company noted, adding that more details are “under coordination.”
Naturally, the tech giant has also not disclosed any specifics on the identity of the threat actor behind the attacks, who may have been targeted, or the scale of such efforts.
This is typically done so as to ensure that a majority of the users have applied the fixes and to prevent other bad actors from reverse engineering the patch and developing their own exploits.
With the latest update, Google has addressed eight zero-day flaws in Chrome that have been either actively exploited or demonstrated as a proof-of-concept (PoC) since the start of the year. The list includes CVE-2025-2783, CVE-2025-4664, CVE-2025-5419, CVE-2025-6554, CVE-2025-6558, CVE-2025-10585, and CVE-2025-13223.
Also addressed by Google are two other medium-severity vulnerabilities –
- CVE-2025-14372 – Use-after-free in Password Manager
- CVE-2025-14373 – Inappropriate implementation in Toolbar
To safeguard against potential threats, it’s advised to update their Chrome browser to versions 143.0.7499.109/.110 for Windows and Apple macOS, and 143.0.7499.109 for Linux. To make sure the latest updates are installed, users can navigate to More > Help > About Google Chrome and select Relaunch.
Users of other Chromium-based browsers, such as Microsoft Edge, Brave, Opera, and Vivaldi, are also advised to apply the fixes as and when they become available.
