Developing4 outlets · over 7 hours

Google patches Chrome zero-day CVE-2026-11645 exploited in wild

Google fixed a high-severity Chrome V8 zero-day, CVE-2026-11645, with an exploit already active. The out-of-bounds memory bug allows remote code execution via crafted HTML. Patches for version 149.0.7827.102/.103 are live on Windows, Mac, and Linux. Researcher 303f06e3 received a $55,000 bug bounty for the discovery.

Read the full brief

The story so far4 updates, latest first.

Latest
Google patches Chrome zero-day CVE-2026-11645 exploited in wild
TTechRadar·about 4 hours ago
New Google Chrome 149 Update Patches Exploited Zero-Day
FForbes Innovation·about 5 hours ago
Google patches new Chrome zero-day flaw exploited in the wild
BBleepingComputer·about 10 hours ago
Google Patches 5th Chrome Zero-Day Exploited in 2026
SSecurityWeek·about 11 hours ago

Tracked by ByteBrief