Chrome V8 Zero-Day CVE-2026-11645 Exploited in the Wild - Patch Now

Google has released security updates to address 74 vulnerabilities, including one that has come under active exploitation in the wild. The high-severity vulnerability, tracked as CVE-2026-11645 CVSS score: 8.8, has been described as an out-of-bounds memory access in V8, Chrome's JavaScript and...

AI Agent Uncovers 21 Zero-Days in FFmpeg; Chrome Patches Record 429 Bugs

Two things landed within days of each other this week. A security startup reported 21 previously unknown vulnerabilities in FFmpeg, the media library inside almost everything that touches video, all of them found by an autonomous AI agent. The same week, Google shipped Chrome 149 with patches for...

Chromium: CVE-2026-10982 Use after free in WebXR

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Chromium: CVE-2026-10905 Use after free in Network

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Chromium: CVE-2026-10900 Use after free in Passwords

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Chromium: CVE-2026-10006 Race in WebAudio

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Update Chrome now: Critical bugs could let attackers run code

Google has issued updates for the Chrome browser patching a number of high‑severity vulnerabilities. The update includes fixes for two critical vulnerabilities that can be used for remote code execution just by visiting a malicious website. The stable channel has been updated to 148.0.7778.178/17...

Chromium: CVE-2026-8534 Integer overflow in GPU

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Chromium: CVE-2026-8531 Heap buffer overflow in WebML

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Stable Channel Update for Desktop

The Chrome team is delighted to announce the promotion of Chrome 148 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks. Chrome 148.0.7778.96 Linux 148.0.7778.96/97 Windows/Mac contains a number of fixes and improvements -- a list of changes is availab...

Google Chrome Update Disrupts Infostealer Cookie Theft

Google adds Device Bound Session Credentials DBSC to Chrome 146, using hardware keys to block infostealer use of stolen session cookies on Windows...

Chromium: CVE-2026-4463 Heap buffer overflow in WebRTC

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Chromium: CVE-2026-3537 Object lifecycle issue in PowerVR

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Update Chrome now: Zero-day bug allows code execution via malicious webpages

Google has issued a patch for a high‑severity Chrome zero‑day, tracked as CVE‑2026‑2441, a memory bug in how the browser handles certain font features that attackers are already exploiting. CVE-2026-2441 has the questionable honor of being the first Chrome zero-day of 2026. Google considered it...

Chrome Targeted by Active In-the-Wild Exploit Tied to Undisclosed High-Severity Flaw

Google on Wednesday shipped security updates for its Chrome browser to address three security flaws, including one it said has come under active exploitation in the wild. The vulnerability, rated high in severity, is being tracked under the Chromium issue tracker ID "466192044." Unlike other...

Update Chrome now: Google fixes 13 security issues affecting billions

Google has released an update for its Chrome browser that includes 13 security fixes, four of which are classified as high severity. One of these was found in Chrome’s Digital Credentials feature–a tool that lets you share verified information from your digital wallet with websites so you can pro...

Google Issues Security Fix for Actively Exploited Chrome V8 Zero-Day Vulnerability

Google on Monday released security updates for its Chrome browser to address two security flaws, including one that has come under active exploitation in the wild. The vulnerability in question is CVE-2025-13223 CVSS score: 8.8, a type confusion vulnerability in the V8 JavaScript and WebAssembly...

Google Chrome Security Update (stable-channel-update-for-desktop_17-2025-11) - Windows

Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...

Exploit for Out-of-bounds Write in Google Chrome

Chrome Emergency Security Update !Securityhttps://img.shie...

Update Chrome now: 20 security fixes just landed

Google has released an update for its Chrome browser that includes 20 security fixes, several of which are classed as high severity. Most of these flaws were found in Chrome’s V8 engine—the part of Chrome and other Chromium-based browsers that runs JavaScript. Chrome is by far the world’s most...