Chrome Emergency Update Fixes Exploited Zero-Day Flaw

by ddos · June 12, 2026

Chrome zero-day vulnerability, CVE-2026-11645, Chrome security update, V8 engine flaw

Google has rolled out an urgent update for Chrome on Windows, macOS, and Linux. In total, the browser receives fixes for 74 vulnerabilities. Crucially, one of these flaws is already being exploited in real-world attacks. The new stable build carries version numbers 149.0.7827.102 and 149.0.7827.103 for Windows and macOS, alongside 149.0.7827.102 for Linux. As usual, the rollout will happen gradually over the coming days and weeks.

An Actively Exploited Zero-Day in V8

The most pressing issue is CVE-2026-11645, rated 8.8 on the CVSS 3.1 scale and classified as High severity. This flaw lives inside V8, the engine responsible for executing JavaScript. Specifically, the bug allows code to read or write outside its intended memory boundaries. Google has confirmed that working exploit code already exists, and attackers are actively using it in the wild.

A researcher known by the alias 303f06e3 discovered CVE-2026-11645 and earned a $55,000 bounty for the find. For now, Google is withholding further technical details. This approach gives most users time to install the patch before attackers can refine their techniques further.

Seventeen Critical Memory Safety Bugs

Beyond the zero-day, this release also patches 17 critical vulnerabilities. Most of these stem from use-after-free errors, where code accesses memory that has already been released. These bugs span a wide range of components, including Ozone, File Input, Aura, TabStrip, Bluetooth, Gamepad, Autofill, Views, Printing, Compositing, Web Apps, and Proxy. Additionally, one critical flaw involves an integer overflow in the libyuv library.

Dozens More High-Severity Fixes

On top of these critical issues, Google closed dozens of high-severity vulnerabilities scattered throughout the browser. Affected areas include V8, networking, extensions, service workers, media handling, PDF rendering, the GPU process, WebRTC, Skia, Dawn, password management, the New Tab page, guest mode, and the user interface, among other components.

How to Update Chrome Now

Google strongly advises users not to delay this update. Normally, Chrome installs new versions automatically in the background. However, you can trigger a manual check through the “About Chrome” section in settings. Once the update finishes downloading, simply restart the browser to apply it.