Google fixes several security vulnerabilities with Chrome 140 update

Google has released the latest Chrome 140 update with several security vulnerability fixes, including one categorized as high risk. The update is available for Windows, macOS, and Linux. None of the vulnerabilities have been exploited in the wild so far. The fixed vulnerabilities were discovered by external security researchers and reported to Google. The high-risk vulnerability, CVE-2025-9864, is located in the V8 JavaScript engine. The other vulnerabilities (CVE-2025-9865, CVE-2025-9866, and CVE-2025-9867) are considered medium risk. Google has not commented on any internally discovered vulnerabilities. Chrome typically updates itself automatically, but users can also manually trigger the update check. Google has also released updates for Chrome for Android and Chrome for iOS, addressing the same vulnerabilities. The Extended Stable Channel for Windows and macOS has also received the update. Chrome 140 doesn't introduce any new features for users, and Google plans to release Chrome 141 at the beginning of October. Other Chromium-based browsers, such as Microsoft Edge, Vivaldi, and Brave, are expected to follow suit with updates, but Opera's browser version 121 remains outdated.