Chrome

vulnerabilities 2026-06-15
Chrome V8 Zero-Day CVE-2026-11645 Exploited in the Wild — Patch Every Chromium Runtime, Not Just Browsers
Google patched CVE-2026-11645, an actively exploited out-of-bounds read/write in V8. The real blast radius is every Chromium runtime you operate — headless Chrome in CI, Electron apps, and server-side renderers.
chrome zero-day rce cisa-kev
vulnerabilities 2026-04-09
Chrome 147 Patches 60 Security Flaws Including Two Critical WebML RCE Bugs
Google ships Chrome 147.0.7727.55 with fixes for 60 vulnerabilities—two critical heap buffer overflow and integer overflow flaws in the WebML component enable remote code execution via crafted HTML pages.
chrome rce heap-overflow browser-security
vulnerabilities 2026-04-01 High
Chrome Zero-Day CVE-2026-5281: WebGPU Use-After-Free Under Active Exploitation
Google patches fourth Chrome zero-day of 2026 — a use-after-free in the Dawn WebGPU implementation that enables arbitrary code execution via crafted HTML pages.
chrome zero-day use-after-free browser-security
analysis 2026-03-28 High
Three Chrome Zero-Days Patched in March Alone — What's Driving the Surge
Google patched three actively exploited Chrome zero-days this month. The browser attack surface is expanding faster than it's being hardened.
chrome zero-day browser-security

Chrome V8 Zero-Day CVE-2026-11645 Exploited in the Wild — Patch Every Chromium Runtime, Not Just Browsers