diff --git a/web/push-notif/notif-crypto-utils.js b/web/push-notif/notif-crypto-utils.js
--- a/web/push-notif/notif-crypto-utils.js
+++ b/web/push-notif/notif-crypto-utils.js
@@ -719,6 +719,7 @@
   const sessionExists = !!notificationsOlmData;
 
   if (notificationsOlmData) {
+    // Memory is freed below in this condition.
     const session = new olm.Session();
     session.unpickle(
       notificationsOlmData.picklingKey,
@@ -727,6 +728,7 @@
 
     isSenderChainEmpty = session.is_sender_chain_empty();
     hasReceivedMessage = session.has_received_message();
+    session.free();
   }
 
   // regular message
@@ -756,6 +758,7 @@
     authMetadata,
   );
 
+  // Memory is freed below after pickling.
   const account = new olm.Account();
   const session = new olm.Session();
 
@@ -783,6 +786,12 @@
     session.decrypt(messageType, encryptedPayload),
   );
 
+  const pickledOlmSession = session.pickle(notificationAccount.picklingKey);
+  const pickledAccount = account.pickle(notificationAccount.picklingKey);
+
+  session.free();
+  account.free();
+
   // session reset attempt or session initialization - handled the same
   const sessionResetAttempt =
     sessionExists && !isSenderChainEmpty && hasReceivedMessage;
@@ -800,7 +809,6 @@
     sessionResetAttempt ||
     (raceCondition && !thisDeviceWinsRaceCondition)
   ) {
-    const pickledOlmSession = session.pickle(notificationAccount.picklingKey);
     const updatedOlmData = {
       mainSession: pickledOlmSession,
       pendingSessionUpdate: pickledOlmSession,
@@ -808,7 +816,7 @@
       picklingKey: notificationAccount.picklingKey,
     };
     const updatedNotifsAccount = {
-      pickledAccount: account.pickle(notificationAccount.picklingKey),
+      pickledAccount,
       picklingKey: notificationAccount.picklingKey,
     };
     return {