Chromium

vulnerabilities 2026-06-15
Chrome V8 Zero-Day CVE-2026-11645 Exploited in the Wild — Patch Every Chromium Runtime, Not Just Browsers
Google patched CVE-2026-11645, an actively exploited out-of-bounds read/write in V8. The real blast radius is every Chromium runtime you operate — headless Chrome in CI, Electron apps, and server-side renderers.
chrome v8 zero-day chromium rce cisa-kev

Chrome V8 Zero-Day CVE-2026-11645 Exploited in the Wild — Patch Every Chromium Runtime, Not Just Browsers