Chrome V8 zero-day patched; urgent user update
🛡️ Google released fixes for 74 vulnerabilities in Chrome, including an actively exploited high-severity V8 issue, CVE-2026-11645 (CVSS 8.8). The flaw is an out-of-bounds memory access in the V8 JavaScript and WebAssembly engine that could allow code execution inside a sandbox via a crafted HTML page. Researcher "303f06e3" reported the bug on April 27, 2026, and received a $55,000 bounty. Users should update Chrome to the latest 149.0.7827.102/.103 versions and apply corresponding updates for other Chromium-based browsers.
