All Topics
All Topics
Technology
Technology
Design
Design
Programming
Programming
Science
Science
News
News
Gaming
Gaming
Entertainment
Entertainment
Business
Business
Finance
Finance
Sports
Sports
Health
Health
Food
Food
Travel
Travel
Art
Art
Music
Music
Books
Books
Education
Education
Politics
Politics
Personal
Personal
No algorithm. No AI slop. No ads. Just RSS. Pro-human. Indie writers. Real journalism. Open web. Chronological. Hand toasted.

Google patches fifth Chrome zero-day of 2026 exploited in the wild

11h ago· 1 min readenNews
Bagel score 38 of 100
38/100
Stale
Bagelometer

Sat out too long. The crust has gone leathery.

Score38TypenewsSentimentnegative

Summary

Google patched CVE-2026-11645, the fifth actively exploited Chrome zero-day of 2026, an out-of-bounds memory access vulnerability in the V8 JavaScript engine. Google confirmed in-the-wild exploitation but disclosed minimal technical details. A $55,000 bounty was awarded to the reporter. The fix is available in the latest Stable Channel releases across Windows, macOS, and Linux.

Key quotes

· 3 pulled
CVE-2026-11645 is an out-of-bounds memory access vulnerability in Chrome's V8 JavaScript engine.
Google confirmed active exploitation in the wild while disclosing only bare technical details.
This is the fifth actively exploited Chrome zero-day patched in 2026, following CVE-2026-2441, CVE-2026-3909, CVE-2026-3910, and CVE-2026-5281.
Snippet from the RSS feed
CVE-2026-11645 is an out-of-bounds memory access vulnerability in Chrome’s V8 JavaScript engine. Google confirmed active exploitation in the wild while disclosing only bare technical details. Fixes are included in the latest Stable Channel releases for Wi

You might also wanna read

Apple patches critical iOS zero-day vulnerability exploited in targeted attacks

Apple has patched a critical zero-day vulnerability (CVE-2026-20700) affecting every iOS version since 1.0, discovered by Google's Threat An

theregister.com·3mo ago

Google detects and blocks first known AI-assisted zero-day exploit

Google's Threat Intelligence Group has detected and stopped what it says is the first known zero-day exploit developed with AI assistance. T

The Verge·29d ago

Cisco discloses actively exploited zero-day affecting up to 2 million IOS and IOS XE devices

Cisco disclosed an actively exploited zero-day vulnerability (CVE-2025-20352) affecting all supported versions of Cisco IOS and IOS XE, pote

arstechnica.com·8mo ago

Anonymous researcher releases two new Windows zero-day exploits after Patch Tuesday

An anonymous security researcher (Nightmare-Eclipse/Chaotic Eclipse) has released two new Windows zero-day exploits — YellowKey (a BitLocker

theregister.com·12d ago

Anonymous researcher releases two new Windows zero-day exploits after Patch Tuesday

An anonymous security researcher (Nightmare-Eclipse/Chaotic Eclipse) has released two new Windows zero-day exploits — YellowKey (a BitLocker

theregister.com·12d ago

Critical Remote Code Execution Vulnerability Discovered in Widely Used protobuf.js Library

A critical remote code execution vulnerability has been discovered in protobuf.js, a widely used JavaScript implementation of Google's Proto

bleepingcomputer.com·1mo ago

How the V8 Sandbox Aims to Eliminate Memory Safety Bugs in JIT Compilers

The article discusses the V8 team's work on the V8 Sandbox, a security mitigation designed to protect against browser exploits caused by mem

medium.com·8mo ago