Final Chrome 140 update fixes more security vulnerabilities

Google has released the final update for Chrome 140 before the rollout of Chrome 141, scheduled for early October. The update addresses several security vulnerabilities, including a high-risk side-channel information leak in the V8 JavaScript engine (CVE-2025-10890) and two high-risk integer overflows in the same engine (CVE-2025-10891 and CVE-2025-10892). None of these vulnerabilities have been exploited in the wild. The vulnerabilities were discovered by an external security researcher and Google's own "AI" tool, Big Sleep, which is based on Gemini and designed to detect security vulnerabilities without human assistance. Chrome updates automatically when a new version is available, and users can manually trigger the update check through the "Help > About Google Chrome" menu. Additionally, other Chromium-based browsers, such as Microsoft Edge, Brave, and Vivaldi, have also updated to Chromium 140 and are now at the same security level as the latest Chrome release. Opera, on the other hand, is still based on an older Chromium version (138) and has not yet fully caught up with the latest security fixes.