ニュース

「Google Chrome 148」に151件のセキュリティ修正、うち22件は深刻度最高の「Critical」

Windows環境にはv148.0.7778.216/217が展開中

2026年5月29日 10:20

Windows環境に「Google Chrome」v148.0.7778.216/217が展開中

 米Googleは5月27日(現地時間)、デスクトップ向け「Google Chrome」の安定(Stable)チャネルをアップデートした。現在、Windows環境にv148.0.7778.216/217が、Mac環境にv148.0.7778.215/216が、Linux環境にv148.0.7778.215が展開中だ。

 本リリースは、151件の脆弱性を修正した大規模なセキュリティアップデート。CVE番号の付番は以下の通り。

  • CVE-2026-9872:Out of bounds write in GPU(Critical)
  • CVE-2026-9873:Use after free in Network(Critical)
  • CVE-2026-9874:Use after free in Dawn(Critical)
  • CVE-2026-9875:Out of bounds read in WebGL(Critical)
  • CVE-2026-9876:Use after free in WebGL(Critical)
  • CVE-2026-9877:Use after free in ANGLE(Critical)
  • CVE-2026-9878:Use after free in ANGLE(Critical)
  • CVE-2026-9879:Out of bounds write in ANGLE(Critical)
  • CVE-2026-9880:Insufficient validation of untrusted input in WebGL(Critical)
  • CVE-2026-9881:Use after free in Bluetooth(Critical)
  • CVE-2026-9882:Integer overflow in ANGLE(Critical)
  • CVE-2026-9883:Use after free in Base(Critical)
  • CVE-2026-9884:Use after free in Browser(Critical)
  • CVE-2026-9885:Insufficient validation of untrusted input in UI(Critical)
  • CVE-2026-9886:Use after free in Base(Critical)
  • CVE-2026-9887:Use after free in Proxy(Critical)
  • CVE-2026-9888:Use after free in WebView(Critical)
  • CVE-2026-9889:Out of bounds read and write in Dawn(Critical)
  • CVE-2026-9890:Use after free in XR(Critical)
  • CVE-2026-9891:Use after free in Extensions(Critical)
  • CVE-2026-9892:Inappropriate implementation in Skia(Critical)
  • CVE-2026-9893:Use after free in Skia(Critical)
  • CVE-2026-9894:Use after free in GPU(High)
  • CVE-2026-9895:Out of bounds read in GPU(High)
  • CVE-2026-9896:Out of bounds write in V8(High)
  • CVE-2026-9897:Use after free in DOM(High)
  • CVE-2026-9898:Insufficient validation of untrusted input in GPU(High)
  • CVE-2026-9899:Use after free in ANGLE(High)
  • CVE-2026-9900:Out of bounds write in ANGLE(High)
  • CVE-2026-9901:Use after free in ANGLE(High)
  • CVE-2026-9902:Use after free in Accessibility(High)
  • CVE-2026-9903:Insufficient validation of untrusted input in Site Isolation(High)
  • CVE-2026-9904:Use after free in ANGLE(High)
  • CVE-2026-9905:Use after free in Accessibility(High)
  • CVE-2026-9906:Out of bounds write in GPU(High)
  • CVE-2026-9907:Out of bounds read in Dawn(High)
  • CVE-2026-9908:Out of bounds read in ANGLE(High)
  • CVE-2026-9909:Integer overflow in Skia(High)
  • CVE-2026-9910:Out of bounds memory access in ANGLE(High)
  • CVE-2026-9911:Integer overflow in ANGLE(High)
  • CVE-2026-9912:Inappropriate implementation in GPU(High)
  • CVE-2026-9913:Inappropriate implementation in ANGLE(High)
  • CVE-2026-9914:Insufficient validation of untrusted input in ANGLE(High)
  • CVE-2026-9915:Heap buffer overflow in ANGLE(High)
  • CVE-2026-9916:Out of bounds write in ANGLE(High)
  • CVE-2026-9917:Uninitialized Use in WebGL(High)
  • CVE-2026-9918:Inappropriate implementation in Tint(High)
  • CVE-2026-9919:Out of bounds read in WebGL(High)
  • CVE-2026-9920:Uninitialized Use in GPU(High)
  • CVE-2026-9921:Uninitialized Use in WebGL(High)
  • CVE-2026-9922:Use after free in GPU(High)
  • CVE-2026-9923:Use after free in Skia(High)
  • CVE-2026-9924:Heap buffer overflow in ANGLE(High)
  • CVE-2026-9925:Use after free in ANGLE(High)
  • CVE-2026-9926:Heap buffer overflow in ANGLE(High)
  • CVE-2026-9927:Use after free in ANGLE(High)
  • CVE-2026-9928:Out of bounds read in ANGLE(High)
  • CVE-2026-9929:Inappropriate implementation in WebGL(High)
  • CVE-2026-9930:Out of bounds write in Dawn(High)
  • CVE-2026-9931:Use after free in GPU(High)
  • CVE-2026-9932:Use after free in ANGLE(High)
  • CVE-2026-9933:Use after free in Input(High)
  • CVE-2026-9934:Use after free in Aura(High)
  • CVE-2026-9935:Uninitialized Use in ANGLE(High)
  • CVE-2026-9936:Use after free in GFX(High)
  • CVE-2026-9937:Use after free in UI(High)
  • CVE-2026-9938:Inappropriate implementation in V8(High)
  • CVE-2026-9939:Heap buffer overflow in WebCodecs(High)
  • CVE-2026-9940:Heap buffer overflow in ANGLE(High)
  • CVE-2026-9941:Use after free in ANGLE(High)
  • CVE-2026-9942:Uninitialized Use in ANGLE(High)
  • CVE-2026-9943:Out of bounds read in WebGL(High)
  • CVE-2026-9944:Uninitialized Use in ANGLE(High)
  • CVE-2026-9945:Use after free in Media(High)
  • CVE-2026-9946:Use after free in ANGLE(High)
  • CVE-2026-9947:Use after free in XML(High)
  • CVE-2026-9948:Use after free in Views(High)
  • CVE-2026-9949:Use after free in Core(High)
  • CVE-2026-9950:Insufficient validation of untrusted input in iOS(High)
  • CVE-2026-9951:Use after free in UI(High)
  • CVE-2026-9952:Use after free in WebAudio(High)
  • CVE-2026-9953:Out of bounds read in ANGLE(High)
  • CVE-2026-9954:Use after free in TabStrip(High)
  • CVE-2026-9955:Inappropriate implementation in iOS(High)
  • CVE-2026-9956:Use after free in iOS(High)
  • CVE-2026-9957:Use after free in PDF(High)
  • CVE-2026-9958:Use after free in PDFium(High)
  • CVE-2026-9959:Race in WebRTC(High)
  • CVE-2026-9960:Integer overflow in PDFium(High)
  • CVE-2026-9961:Use after free in SurfaceCapture(High)
  • CVE-2026-9962:Use after free in WebRTC(High)
  • CVE-2026-9963:Uninitialized Use in iOS(High)
  • CVE-2026-9964:Use after free in Bluetooth(High)
  • CVE-2026-9965:Out of bounds write in ANGLE(High)
  • CVE-2026-9966:Integer overflow in XML(High)
  • CVE-2026-9967:Out of bounds write in GPU(High)
  • CVE-2026-9968:Integer overflow in V8(High)
  • CVE-2026-9969:Insufficient validation of untrusted input in ANGLE(High)
  • CVE-2026-9970:Use after free in WebGL(High)
  • CVE-2026-9971:Inappropriate implementation in iOS(High)
  • CVE-2026-9972:Uninitialized Use in Gamepad(High)
  • CVE-2026-9973:Out of bounds write in V8(High)
  • CVE-2026-9974:Out of bounds write in GPU(High)
  • CVE-2026-9975:Out of bounds read and write in ANGLE(High)
  • CVE-2026-9976:Inappropriate implementation in USB(High)
  • CVE-2026-9977:Insufficient validation of untrusted input in WebShare(High)
  • CVE-2026-9978:Use after free in Glic(High)
  • CVE-2026-9979:Insufficient validation of untrusted input in Input(High)
  • CVE-2026-9980:Insufficient validation of untrusted input in Printing(High)
  • CVE-2026-9981:Inappropriate implementation in Skia(High)
  • CVE-2026-9982:Insufficient validation of untrusted input in ANGLE(High)
  • CVE-2026-9983:Type Confusion in Skia(High)
  • CVE-2026-9984:Use after free in UI(High)
  • CVE-2026-9985:Insufficient validation of untrusted input in Media(High)
  • CVE-2026-9986:Insufficient validation of untrusted input in OptimizationGuide(High)
  • CVE-2026-9987:Insufficient validation of untrusted input in WebAppInstalls(High)
  • CVE-2026-9988:Use after free in WebRTC(High)
  • CVE-2026-9989:Inappropriate implementation in Media(High)
  • CVE-2026-9990:Use after free in WebAppInstalls(High)
  • CVE-2026-9991:Inappropriate implementation in Media(High)
  • CVE-2026-9992:Use after free in Network(High)
  • CVE-2026-9993:Use after free in Views(High)
  • CVE-2026-9994:Use after free in Core(High)
  • CVE-2026-9995:Use after free in WebXR(High)
  • CVE-2026-9996:Out of bounds read in WebRTC(High)
  • CVE-2026-9997:Use after free in Input(High)
  • CVE-2026-9998:Integer overflow in Skia(High)
  • CVE-2026-9999:Inappropriate implementation in ANGLE(High)
  • CVE-2026-10000:Use after free in Passwords(High)
  • CVE-2026-10001:Use after free in PerformanceManager(High)
  • CVE-2026-10002:Use after free in PDFium(High)
  • CVE-2026-10003:Use after free in Views(High)
  • CVE-2026-10004:Insufficient validation of untrusted input in Passwords(High)
  • CVE-2026-10005:Use after free in WebAppInstalls(High)
  • CVE-2026-10006:Race in WebAudio(High)
  • CVE-2026-10007:Use after free in SVG(High)
  • CVE-2026-10008:Uninitialized Use in GPU(High)
  • CVE-2026-10009:Integer overflow in Skia(High)
  • CVE-2026-10010:Inappropriate implementation in Input(High)
  • CVE-2026-10011:Inappropriate implementation in Skia(High)
  • CVE-2026-10012:Use after free in Skia(High)
  • CVE-2026-10013:Use after free in WebCodecs(High)
  • CVE-2026-10014:Use after free in WebMIDI(High)
  • CVE-2026-10015:Integer overflow in WTF(High)
  • CVE-2026-10016:Use after free in DOM(High)
  • CVE-2026-10017:Out of bounds read in Headless(Medium)
  • CVE-2026-10018:Integer overflow in ANGLE(Medium)
  • CVE-2026-10019:Integer overflow in ANGLE(Medium)
  • CVE-2026-10020:Insufficient validation of untrusted input in Skia(Medium)
  • CVE-2026-10021:Insufficient validation of untrusted input in USB(Medium)
  • CVE-2026-10022:Type Confusion in V8(Medium)

 今のところ悪用の報告はないが、深刻度が4段階中最高の「Critical」と評価された脆弱性が22件も含まれており、できるだけ早いアップデートをお勧めする。

 デスクトップ向け「Google Chrome」はWindows/Mac/Linuxに対応しており、現在、同社のWebサイトから無償でダウンロード可能。Windows版は、Windows 10/11に対応している。すでにインストールされている場合は自動で更新されるが、設定画面(chrome://settings/help)にアクセスすれば手動でアップデート可能。アップデートを完全に適用するには、「Google Chrome」の再起動が必要だ。

Amazonで購入