[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fSxfnNA_blOtjJ0m5n-4J1KhIhAu-jbNn_eFCaSYknqc":3},{"article":4,"iocs":37},{"id":5,"title":6,"slug":7,"summary":8,"ai_summary":9,"brief":10,"full_text":11,"url":12,"image_url":13,"published_at":14,"ingested_at":15,"relevance_score":16,"entities":17,"category_id":24,"category":25,"article_tags":29},"6f0487f2-964b-483d-817a-09faebecc989","Google Patches 382 Chrome Vulnerabilities","google-patches-382-chrome-vulnerabilities-d98e0a","Fifteen of the newly patched flaws have been rated ‘critical’ and 67 have been rated ‘high severity’. The post Google Patches 382 Chrome Vulnerabilities appeared first on SecurityWeek.","Google has released Chrome 151, addressing 382 vulnerabilities, with 358 discovered internally. Fifteen of these are rated critical, and 67 are high severity. The surge in vulnerability discovery is speculated to be AI-driven, though specific tools remain undisclosed. The flaws, including user-after-free and type confusion, primarily affect the renderer process and could lead to arbitrary code execution.","Google patches 382 Chrome vulnerabilities, 15 critical, with AI potentially driving discovery.","Google on Tuesday announced the release of Chrome 151 with patches for 382 vulnerabilities, the vast majority of which were discovered by the tech giant itself. Of the 382 vulnerabilities, 358 were found by Google. The company has discovered and patched hundreds of Chrome flaws in recent months, a surge likely driven by AI. However, it has shared no details on which specific AI tools are driving the surge. Fifteen of the newly patched vulnerabilities have been assigned a ‘critical’ severity rating, and 67 have been rated ‘high severity’. Of the remaining flaws, 169 have a ‘medium’ and 131 have a ‘low’ severity rating. The security holes have been described as user-after-free, out-of-bounds, incorrect security UI, uninitialized use, type confusion, and insufficient input validation issues. Many of the vulnerabilities affect the renderer process and can typically be triggered via crafted web content. These types of flaws could allow a remote attacker to achieve arbitrary code execution inside the renderer sandbox. In some cases, they may also enable an attacker who has already compromised the renderer to escape the sandbox, potentially leading to arbitrary code execution on the system.Advertisement. Scroll to continue reading. Google’s latest advisory does not mention in-the-wild exploitation for any of the flaws. Earlier this month, the company patched the fifth actively exploited zero-day of 2026. Related: Chrome 149 Update Resolves 18 Severe Vulnerabilities Related: Chrome and Firefox Updated to Patch Critical, High-Severity Vulnerabilities Related: Chrome 148 Update Patches 151 Vulnerabilities Related: FBI, Google Dismantle ‘Outsider Enterprise’ Phishing Service Written By Eduard Kovacs Eduard Kovacs (@EduardKovacs) is senior managing editor at SecurityWeek. He worked as a high school IT teacher before starting a career in journalism in 2011. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering. Daily Briefing Newsletter Subscribe to the SecurityWeek Email Briefing for the latest cybersecurity threats, trends, and expert insights. More from Eduard Kovacs Nissan Employee Data Breached in Oracle PeopleSoft HackNew Controller Flaws Expose Highway Signs and Billboards to Remote HackingWhatsApp Rolling Out Username Feature to Bolster Phone Number PrivacyInsurance Regulators Group NAIC Hit in Oracle PeopleSoft HackOpenAI Unveils GPT-5.6 Sol as Its Most Advanced Cybersecurity AIAmazon Q Flaw Enabled Cloud Credential Theft via Malicious Repositories$3 Million Reportedly Stolen in Polymarket HackFirst-Ever Exploitation of PTC Windchill Vulnerability Discovered in the Wild Latest News Massive Password Spray Campaign Targeting Azure CLIBlueHammer Vulnerability Exploited in Ransomware AttacksDecades-Old Bash Tricks Expose AI Coding Agents to Supply Chain AttacksAflac Japan Data Breach Impacts 4.38 MillionHacker Conversations: Chris Thompson, Former Head of IBM X-Force Red, Co-Founder of RemoteThreatSupreme Court Rules Constitutional Privacy Protections Apply to Cellphone Users’ Location HistoryExploitation of Recent Oracle E-Business Suite Vulnerability BeginsThe AI Token Costs That Can Break Cybersecurity Trending Daily Briefing NewsletterSubscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts. Webinar: Why Email Security Keeps Failing (And What Has to Change) July 8, 2026 Join this live webinar as we break down why email-layer defenses alone can't keep pace with the modern phishing ecosystem, how agentic AI is changing the capacity equation for security teams, and more. Register Virtual Event: 2026 Cloud Security Summit July 16, 2026 This year's summit will help organizations learn how to utilize tools, controls, and design models needed to properly secure cloud environments. Interact with leading solution providers and other end users facing similar challenges in securing a variety of cloud deployments. Register People on the MoveTracey Mustacchio has joined Everfox as Chief Marketing Officer.Mark Carter has been appointed Chief Information Security Officer at Socure.Spektrum Labs has named Mark Cravotta Chief Operating Officer.More People On The MoveExpert Insights The AI Token Costs That Can Break Cybersecurity As cybersecurity platforms embrace agentic AI, organizations must balance detection performance against the escalating costs of token consumption, deployment architecture, and AI credits. (Danelle Au) When Information Becomes the Attack Surface – Understanding AI Agent Traps From hidden content injections to cognitive state poisoning, attackers are turning trusted data sources into traps for autonomous AI. (Etay Maor) What the Latest ShinyHunters Breaches Reveal About Modern Cyberattacks Groups like ShinyHunters are demonstrating that attackers do not necessarily need malware or zero-day exploits to cause massive damage. (Torsten George) No Exploits Required Four decades of incident response experience suggest that exploits are often the symptom, not the root cause, of today’s cybersecurity failures. (Tod Beardsley) After AI Reaches Production: 12 Ways Security Teams Can Take Control Security teams need more than visibility into AI applications, they need a repeatable framework for monitoring, investigating, and defending them in production. (Joshua Goldfarb) Flipboard Reddit Whatsapp Whatsapp Email","https:\u002F\u002Fwww.securityweek.com\u002Fgoogle-patches-382-chrome-vulnerabilities\u002F","https:\u002F\u002Fwww.securityweek.com\u002Fwp-content\u002Fuploads\u002F2023\u002F04\u002FChrome-Zero-Day-exploits.jpg","2026-07-01T06:14:41+00:00","2026-07-01T08:00:21.172949+00:00",8,[18,21],{"name":19,"type":20},"Chrome","product",{"name":22,"type":23},"Google","vendor","80544778-fabb-4dcd-aa35-17492e5dcf4f",{"id":24,"icon":26,"name":27,"slug":28},null,"Vulnerabilities","vulnerabilities",[30,32],{"category":31},{"id":24,"icon":26,"name":27,"slug":28},{"category":33},{"id":34,"icon":26,"name":35,"slug":36},"839da5c1-3c34-47e2-9499-f7201640e3ac","AI Security","ai-security",[]]