Feed›Vulnerability›Google patches new Chrome zero-day flaw exploited in the wil...

VulnerabilityBleeping Computer

8.8 — CRITICAL

Google patches new Chrome zero-day flaw exploited in the wild

📅 9 June 2026 at 06:56 UTC📰 Bleeping ComputerView original source ↗

Google has released emergency updates to patch another Chrome zero-day vulnerability that has been exploited in the wild, the fifth such flaw patched since the start of the year. [...]

🤖 AI BriefingAuto-generated threat analysis

🔍Threat Overview

Google has patched a new Chrome zero-day vulnerability (CVE-2026-11645) that was exploited in the wild, marking the fifth such flaw patched since the start of the year. The vulnerability stems from an out-of-bounds read and write weakness in the Chrome V8 JavaScript engine.

⚙️Technical Details

CVEs

CVE-2026-11645CVE-2024-0519CVE-2026-2441CVE-2026-3909CVE-2026-3910

Affected Systems

WindowsMacLinux

Attack Vectors

NETWORK

💥Impact Assessment

Severity: High

Who Is at Risk

Users of Google Chrome, particularly those using Windows, Mac, and Linux systems.

🛡️Recommended Actions

1Update Google Chrome to the latest version (149.0.7827.102) as soon as possible.

2Enable automatic updates for Google Chrome to minimize the risk of exploitation.

3Monitor system logs for suspicious activity and implement additional security measures to detect and respond to potential attacks.

📦Affected Products

Couchbase Couchbase ServerFedoraproject FedoraGoogle ChromeApple MacosLinux Linux KernelMicrosoft Windows

🔐NVD Verified DataVERIFIED

CVE-2026-11645 ↗CVSS 8.8 — HIGH

Attack Vector

NETWORK

Complexity

LOW

Vector String

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Weaknesses

CWE-125CWE-787

CVE-2024-0519 ↗CVSS 8.8 — HIGH

Attack Vector

NETWORK

Complexity

LOW

Vector String

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Weaknesses

CWE-125CWE-787

Affected Products (CPE)

Couchbase Couchbase ServerFedoraproject FedoraGoogle Chrome

CVE-2026-2441 ↗CVSS 8.8 — HIGH

Attack Vector

NETWORK

Complexity

LOW

Vector String

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Weaknesses

CWE-416

Affected Products (CPE)

Apple MacosGoogle ChromeLinux Linux KernelMicrosoft Windows

CVE-2026-3909 ↗CVSS 8.8 — HIGH

Attack Vector

NETWORK

Complexity

LOW

Vector String

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Weaknesses

CWE-787

Affected Products (CPE)

Apple MacosGoogle ChromeLinux Linux KernelMicrosoft Windows

Advisories

📋 https://chromereleases.googleblog.com/2026/03/stable-channel-update-fo…

CVE-2026-3910 ↗CVSS 8.8 — HIGH

Attack Vector

NETWORK

Complexity

LOW

Vector String

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Weaknesses

CWE-119CWE-94

Affected Products (CPE)

Apple MacosGoogle ChromeLinux Linux KernelMicrosoft Windows

Advisories

📋 https://chromereleases.googleblog.com/2026/03/stable-channel-update-fo…

Read the full article

This is a curated summary. The complete article is available at Bleeping Computer.

Read on Bleeping Computer ↗

← Back to feed