Google Patches New Chrome Zero-Day Flaw Exploited in the Wild
Google said the flaw was exploited in the wild and awarded a $55,000 bounty to the researcher who reported it.
- On Tuesday, June 9, 2026, Google released emergency updates for Chrome to patch CVE-2026-11645, a high-severity zero-day vulnerability confirmed to be actively exploited in the wild.
- This high-severity flaw stems from an out-of-bounds read and write weakness in the Chrome V8 JavaScript engine, marking the fifth actively exploited zero-day vulnerability Google has patched this year.
- The update addresses 72 total security vulnerabilities, 17 rated critical, while Google awarded a $55,000 bounty to researcher "303f06e3," who reported the zero-day on April 27.
- To ensure immediate protection, users can force the update via the "About Google Chrome" menu and restart the browser, though automatic rollouts may take several days.
- Google will restrict access to bug details until a majority of users have applied the fix, a standard security practice as the company has already patched more than half of 2025's eight zero-days.
19 Articles
19 Articles
Chrome's zero-day Whac-A-Mole continues with fifth exploited bug of the year
Google has fixed its fifth actively exploited Chrome zero-day of 2026, and this one earned its finder a $55,000 bounty. The flaw, tracked as CVE-2026-11645, is an out-of-bounds memory access bug in Chrome's V8 JavaScript engine. Google confirmed that the vulnerability is being exploited in the wild, but has disclosed little beyond the bare technical details. The company patched the issue in the latest Stable Channel releases for Windows, macOS, …
Chrome 149 Lands to Fight an Active, In-the-Wild Security Threat: Update Right Now
Just a week ago, Google dropped a massive security patch that addressed hundreds of individual software bugs. Now, billions of desktop and mobile users face another urgent reason to check their web browser version. Google has officially released Chrome version 149, aiming to fix an active zero-day vulnerability that malicious actors are already exploiting in the wild. Google Chrome CVE-2026-11645 vulnerability gets a fix with the 149 update The …
Google has just released a maximum emergency security patch to fix the latest Zero-Day vulnerability that its Chrome browser has suffered. It’s a priority to update as soon as possible, as cybercriminals are already taking advantage of it. Google’s security team has detected a critical problem and has immediately informed users of the security gap suffered. This is an off-limits reading and writing error in Chrome V8, which used by individuals w…
Coverage Details
Bias Distribution
- 100% of the sources are Center
Factuality
To view factuality data please Upgrade to Premium
