Google released Chrome 147.0.7727.55/56 for Windows and macOS (147.0.7727.55 for Linux) on April 8, 2026, addressing 60 security vulnerabilities. Two of them are rated critical and both live in the same component: WebML, Chrome’s on-device machine learning inference engine.

The Critical Pair

CVE-2026-5858 — Heap Buffer Overflow in WebML

A heap buffer overflow in Chrome’s WebML implementation allows a remote attacker to execute arbitrary code by luring a victim to a crafted HTML page. The bug earned a $43,000 bounty from Google, signaling the severity of the issue.

CVE-2026-5859 — Integer Overflow in WebML

An integer overflow in the same WebML component allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This bug also received a significant bounty payout.

Both vulnerabilities share the same attack surface: a malicious page that triggers WebML operations with attacker-controlled parameters. No user interaction beyond visiting the page is required. The combination of heap buffer overflow and integer overflow in the same component suggests a systemic issue with bounds checking in WebML’s tensor and model-handling code paths.

Why WebML Matters

WebML (the Web Machine Learning API) enables browsers to run ML inference directly on client hardware—GPUs, NPUs, and CPUs—without server round-trips. It’s increasingly used for on-device features like real-time translation, image classification, and smart compose. The attack surface is significant because:

  • WebML processes complex, attacker-supplied model data and tensor inputs
  • The underlying math involves large buffer allocations where off-by-one errors and integer overflows can chain into full code execution
  • The component interfaces directly with platform-specific acceleration backends (DirectML on Windows, Core ML on macOS, TFLite delegates on Linux)

This is the second consecutive Chrome major release to patch critical WebML bugs—Chrome 146 also fixed a critical WebML flaw—which suggests Google’s rapid integration of ML capabilities is outpacing the security hardening of the underlying native code.

The Full Picture: 60 Fixes

Beyond the two critical bugs, the Chrome 147 release addresses:

  • 14 high-severity vulnerabilities, including type confusion bugs in the V8 JavaScript engine and memory corruption in other components. Google paid out $118,000 in bounties for these alone.
  • 20 medium-severity and 24 low-severity fixes rounding out the update.

Google states that none of the 60 vulnerabilities have been observed exploited in the wild—yet. Given the track record of Chrome N-days being weaponized within days of patch releases (CVE-2026-5281 in Dawn/WebGPU was exploited in the wild shortly after disclosure), the window to patch is narrow.

Who’s Affected

Any organization running Chromium-based browsers is affected: Chrome, Edge, Brave, Opera, Arc, and Electron-based desktop apps. Enterprise environments with managed Chrome deployments should prioritize this update given the RCE severity.

What to Do Right Now

  1. Update Chrome immediately to 147.0.7727.55 or later. Navigate to chrome://settings/help to trigger the update.
  2. Push the update through enterprise management if you’re running Chrome Browser Cloud Management or Group Policy-managed deployments.
  3. Audit Electron apps in your environment—they bundle Chromium and may lag behind on patches. Check if your Electron apps are running Chromium versions prior to 147.0.7727.55.
  4. Monitor for exploitation indicators. While Google reports no in-the-wild exploitation yet, proof-of-concept development typically accelerates once patches are diffed. Watch for unusual WebML API calls in browser telemetry if you have endpoint visibility.
  5. Consider disabling WebML features via enterprise policy (WebMLEnabled) if your organization doesn’t rely on browser-based ML inference, reducing the attack surface until you’re confident all endpoints are patched.
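
For steps 1 and 3, a version audit against the fixed build can be scripted. The following is an added example, not part of Google's advisory or any vendor tooling; the CSV layout, host names and app names are constructed assumptions, and the only value taken from this page is the fixed build 147.0.7727.55.

```python
import csv
import io
import re

# Fixed build named in the advisory above.
FIXED = (147, 0, 7727, 55)

# Constructed sample inventory; the column layout is an assumption.
# For Electron apps the version would come from process.versions.chrome,
# for Chrome on Linux from the string printed by `google-chrome --version`.
SAMPLE_INVENTORY = """\
host,app,chromium_version
ws-001,Google Chrome,Google Chrome 147.0.7727.55
ws-002,Google Chrome,146.0.7000.10
ws-003,example-electron-app,147.0.7727.9
ws-004,example-electron-app,147.0.7727.100
ws-005,example-electron-app,unknown
"""

VERSION_RE = re.compile(r"\b(\d+)\.(\d+)\.(\d+)\.(\d+)\b")


def parse_version(text):
    """Return the four-part Chromium version as a tuple of ints, or None."""
    m = VERSION_RE.search(text or "")
    return tuple(int(p) for p in m.groups()) if m else None


def classify(text, fixed=FIXED):
    """Return 'patched', 'vulnerable' or 'unknown' for one version string."""
    version = parse_version(text)
    if version is None:
        return "unknown"  # Unparseable: needs manual review, not a pass.
    # Tuple comparison is numeric per component; comparing the raw strings
    # would wrongly rank 147.0.7727.100 below 147.0.7727.55.
    return "patched" if version >= fixed else "vulnerable"


def audit(inventory_csv):
    """Return (host, app, status) for every row that is not known patched."""
    rows = csv.DictReader(io.StringIO(inventory_csv))
    results = [(r["host"], r["app"], classify(r["chromium_version"])) for r in rows]
    return [r for r in results if r[2] != "patched"]


if __name__ == "__main__":
    for host, app, status in audit(SAMPLE_INVENTORY):
        print(f"{host}\t{app}\t{status}")
```

Rows reported as unknown are listed alongside vulnerable ones so that an app whose bundled Chromium version could not be read is not silently treated as patched.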
