CyberIntel ⬡ News
★ Saved ◆ Cyber Reads
← Back ⬡ Vulnerabilities & CVEs Jun 09, 2026

Chrome V8 Zero-Day CVE-2026-11645 Exploited in the Wild - Patch Now - The Hacker News

The Hacker News Archived Jun 09, 2026 ✓ Full text saved

Chrome V8 Zero-Day CVE-2026-11645 Exploited in the Wild - Patch Now The Hacker News

Full text archived locally
✦ AI Summary · Claude Sonnet


    Chrome V8 Zero-Day CVE-2026-11645 Exploited in the Wild - Patch Now Ravie LakshmananJun 09, 2026Vulnerability / Browser Security Google has released security updates to address 74 vulnerabilities, including one that has come under active exploitation in the wild. The high-severity vulnerability, tracked as CVE-2026-11645 (CVSS score: 8.8), has been described as an out-of-bounds memory access in V8, Chrome's JavaScript and WebAssembly engine. "Out-of-bounds read and write in V8 in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page," reads a description of the flaw in the NIST's National Vulnerability Database (NVD). A security researcher named "303f06e3" has been credited with discovering and reporting the flaw on April 27, 2026. The researcher has been awarded a bug bounty of $55,000 for responsible disclosure. As is customary in these cases, Google acknowledged that an "exploit for CVE-2026-11645 exists in the wild," but stopped short of sharing additional specifics to ensure that a majority of the users are updated with a fix and to prevent further exploitation. With the latest development, Google has addressed a total of five actively exploited Chrome zero-days since the start of the year. This includes CVE-2026-2441, CVE-2026-3909, CVE-2026-3910, and CVE-2026-5281. For optimal protection, users are advised to update their Chrome browser to versions 149.0.7827.102/.103 for Windows and Apple macOS, and 149.0.7827.102 for Linux. To make sure the latest updates are installed, users can navigate to More > Help > About Google Chrome and select Relaunch. Users of other Chromium-based browsers, such as Microsoft Edge, Brave, Opera, and Vivaldi, are also advised to apply the fixes as and when they become available. Found this article interesting? Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post. SHARE     Tweet Share Share SHARE  browser security, Code Execution, cybersecurity, Google Chrome, V8, Vulnerability, Zero-Day ⚡ Top Stories This Week Oracle WebLogic CVE-2024-21182 Added to KEV Catalog After Active Exploitation GlassWorm Malware Takedown Disrupts Developer Supply Chain Attack Infrastructure Dashlane Discloses Brute-Force Attack, Encrypted Vaults of Fewer Than 20 Users Downloaded Microsoft Slams Public Zero-Day Disclosures Amid GitHub Researcher Account Removal Threat Actors Exploit Critical FortiClient EMS Flaw to Deploy Credential Stealer ThreatsDay Bulletin: Claude Security Plugin, Azure Priv-Esc, Kali365 MFA Bypass, FIFA Scams +15 More Google June 2026 Android Update Patches 124 Flaws, One Actively Exploited ⚡ Weekly Recap: New Linux Flaw, PAN-OS Exploit, AI-Powered Attacks, OAuth Phishing and More Malicious npm Package Stole Files From Claude AI User Directory via GitHub ChatGPhish Vulnerability Turns ChatGPT Web Summaries Into a Phishing Surface Microsoft Patches SharePoint RCE Flaw CVE-2026-45659 Across Server Versions OpenAI Codex Authentication Tokens Stolen in codexui-android npm Supply Chain Attack AI Chatbot Recommendations Redirect Users to Cryptojacking Malware Sites Miasma Supply Chain Attack Compromises Red Hat npm Packages with Credential-Stealing Worm Attackers Use LLM Agent for Post-Exploitation After Marimo CVE-2026-39987 Exploit PAN-OS GlobalProtect Authentication Bypass (CVE-2026-0257) Under Active Exploitation Load More ▼ ⭐ Featured Resources [Guide] The Real Security Risks of Shadow AI (And Where You’re Exposed) Learn How to Stop Attacks Before They Reach Your EDR – With PHASR Watch AI Turn Vulnerabilities Into Working Exploits in Minutes (See the Demo) Your Employees Are Using AI in Ways You Can’t See – 2026 State of AI Report
    💬 Team Notes
    Article Info
    Source
    The Hacker News
    Category
    ⬡ Vulnerabilities & CVEs
    Published
    Jun 09, 2026
    Archived
    Jun 09, 2026
    Full Text
    ✓ Saved locally
    Open Original ↗