CVE-2026-11645: V8 Chrome zero‑day — update browsers immediately

Colleagues, a zero‑day in Chrome's V8 engine (CVE-2026-11645) is being actively exploited.
What happened: an out‑of‑bounds flaw in V8 allowed remote code execution in the sandbox via a crafted HTML page; Google confirmed in‑the‑wild exploitation.
Who reported it: researcher “303f06e3” discovered it on Apr 27 and received a $55,000 bounty.
Action: update Chrome to 149.0.7827.102/103 (Windows/macOS) and 149.0.7827.102 (Linux). Other Chromium browsers should apply fixes as released.
Why it matters: a zero‑day poses real risk of system compromise and data exfiltration.
Have you updated corporate browsers?
#cybersecurity #Chrome #V8 #zeroday


Latest comments
No comments yet.