CRITICAL ⚡ MUST-KNOW
Chrome V8 Zero-Day CVE-2026-11645 Actively Exploited — Patch Now
Google patched CVE-2026-11645 (CVSS 8.8), an out-of-bounds read/write in V8, Chrome’s JavaScript and WebAssembly engine, in Chrome 149.0.7827.103. The flaw is confirmed under active exploitation in the wild; this is the fifth Chrome zero-day exploited this year. Google shipped emergency updates covering 74 total vulnerabilities in this release. Users and enterprises should force-update Chrome immediately; managed environments should verify the update has propagated before end-of-day.