Google Patches Fifth Chrome Zero-Day of 2026 With Chrome 149 Update
By
CybersecurityNews
Summary
Google released Chrome 149 to patch 74 security vulnerabilities, including CVE-2026-11645, a high-severity zero-day exploit in the V8 JavaScript engine that was actively exploited in the wild. The out-of-bounds read/write flaw could allow attackers to execute code within a sandbox via a crafted HTML page. This marks the fifth Chrome zero-day exploited in 2026, and the reporting researcher received a $55,000 bounty.
Source
bskyGoogle Patches Fifth Chrome Zero-Day of 2026 With Chrome 149 Updatehendryadrian.comKey quotes
· 4 pulledGoogle has released Chrome 149 to fix 74 vulnerabilities, including CVE-2026-11645, a zero-day in V8 that was actively exploited
The flaw is an out-of-bounds read/write issue in V8
Attackers could use a crafted HTML page
this marks the fifth Chrome zero-day exploited in 2026
You might also wanna read
Google Chrome to Enable HTTPS by Default Starting October 2026
Google announces that starting with Chrome 154 in October 2026, Chrome will change its default settings to enable 'Always Use Secure Connect
25-Year-Old curl Vulnerability (CVE-2026-8932) Patched in Record 18-CVE Security Release
A critical 25-year-old security vulnerability (CVE-2026-8932) in curl, dating back to version 7.7 from March 2001, has been patched as part
cybersecuritynews.com·9d agoApple patches critical iOS zero-day vulnerability exploited in targeted attacks
Apple has patched a critical zero-day vulnerability (CVE-2026-20700) affecting every iOS version since 1.0, discovered by Google's Threat An

Google detects and blocks first known AI-assisted zero-day exploit
Google's Threat Intelligence Group has detected and stopped what it says is the first known zero-day exploit developed with AI assistance. T
CVE-2026-48800 Bypass: Path Traversal Vulnerability Discovered in Notepad++ v8.9.6.1
A security vulnerability (CVE-2026-48800 bypass) has been discovered in Notepad++ v8.9.6.1, the latest patched version. The vulnerability in

How the V8 Sandbox Aims to Eliminate Memory Safety Bugs in JIT Compilers
The article discusses the V8 team's work on the V8 Sandbox, a security mitigation designed to protect against browser exploits caused by mem

Comments
Sign in to join the conversation.
No comments yet. Be the first.