Google Patches High-Severity Chrome Zero-Day Vulnerability

Google released a patch for a high-severity Chrome zero-day vulnerability, tracked as CVE-2026-2441, which is actively being exploited in the wild. The flaw is a memory bug in the browser’s handling of specific font features, allowing attackers to execute arbitrary code via malicious webpages. This marks the first Chrome zero-day of 2026, prompting Google to issue a standalone update for the stable channel. The vulnerability was reported by security researcher Pieter Arntz, though no additional technical details about the exploit were disclosed. Users are affected if they visit compromised or specially crafted websites.