Update Chrome now — Google patches new zero-day flaw already being exploited

1. Pro
2. Security

Update Chrome now — Google patches new zero-day flaw already being exploited News By Sead Fadilpašić published 9 June 2026

A new bug could allow crooks to execute arbitrary code in Chrome

When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.

(Image credit: Tada Images / Shutterstock)

• Copy link
• Facebook
• X
• Whatsapp
• Reddit
• Pinterest
• Flipboard
• Threads
• Email

Share this article 0 Join the conversation Follow us Add us as a preferred source on Google Newsletter Subscribe to our newsletter

• Google patches high‑severity Chrome V8 bug (CVE‑2026‑11645) exploited in the wild
• Flaw allows remote code execution via crafted HTML on versions before 149.0.7827.103
• Fixes now live for Windows, Mac, and Linux; users urged to update immediately

Google has fixed a high-severity vulnerability in its Chrome browser that was apparently being abused in the wild.

The company has released a new security advisory informing users about fixing dozens of flaws, including an out of bounds read and write bug in Chrome V8 which could allow remote attackers to execute arbitrary code inside a sandbox via a crafted HTML page, was found in Google Chrome prior to 149.0.7827.103.

The issue is now tracked as CVE-2026-11645 and was given a severity score of 8.8/10 (high).

Latest Videos FromWatch full video here:

No details about the attacks

In theory, the flaw could be used to steal corporate emails, documents, session cookies, or other sensitive information. All it would take is a person opening a weaponized page in a vulnerable version of Chrome to trigger the exploit.

“Google is aware that an exploit for CVE-2026-11645 exists in the wild,” Google said in the advisory, without sharing any details. "Access to bug details and links may be kept restricted until a majority of users are updated with a fix," the company added. "We will also retain restrictions if the bug exists in a third-party library that other projects similarly depend on but haven't yet fixed."

You may like

• Adobe issues emergency security patch — Reader and Acrobat users need to update now
• Rapid7 observes new Palo Alto VPN flaw exploited in the wild to bypass GlobalProtect authentication
• Microsoft confirms two major Defender security issues — so update now or face possible attack

The bug has now been addressed in the Stable Desktop channel with patches being released for Windows (149.0.7827.102), Mac (149.0.7827.103), and Linux (149.0.7827.102).

Google usually says that it takes weeks for the patch to roll out globally but in most cases, by the time the advisory is published, most browsers will have been patched already. Those who are unsure if their Chrome is updated should navigate to chrome://settings/help in the address bar, press Enter and wait while Chrome checks for updates. If any are found, they will be prompted to download and install.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Contact me with news and offers from other Future brandsReceive email from us on behalf of our trusted partners or sponsorsBy submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.

Via BleepingComputer

The best antivirus for all budgetsOur top picks, based on real-world testing and comparisons

➡️ Read our full guide to the best antivirus1. Best overall:Bitdefender Total Security2. Best for families:Norton 360 with LifeLock3. Best for mobile:McAfee Mobile Security

Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds.

TOPICS Google CATEGORIES Cyber Security Computing Security Computing Sead FadilpašićSocial Links Navigation

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

View More

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.

Logout Read more Security Adobe issues emergency security patch — Reader and Acrobat users need to update now    Security Rapid7 observes new Palo Alto VPN flaw exploited in the wild to bypass GlobalProtect authentication    Security Microsoft confirms two major Defender security issues — so update now or face possible attack    Security Trend Micro users beware - dangerous Apex One zero-day exploited in the wild    Security Experts warn Claude Chrome extension could let hackers hijack your online browsing    Security Ghost CMS flaw hijacked to target hundreds of websites with ClickFix attacks    Latest in Security Pro New iOS 27 Passwords app can automatically change your passwords for you    Security North Korean hackers are at it again — phishing scheme targets hundreds of workers to try and steal crypto and more    Security Check Point says VPN attacks caused by Qilin ransomware group    Security Microsoft disables over 70 GitHub repos after hackers compromised them with dangerous malware    Security US citizen pleads guilty to spying for the People's Republic of China    Security WordPress users beware — experts claim sites are being hijacked using a critical flaw in popular Everest Forms Pro plugin    Latest in News Gaming Hold out for a little longer FromSoft fans — The Duskbloods will get a closed network test this summer, but a release date for the full game has yet to be announced    Gaming The rumors were true! The Legend of Zelda: Ocarina of Time 'will be reborn' on Nintendo Switch 2 this year    Pro The working class are rallying to oppose data centers at 5 times the rate of wealthy neighborhoods – the great unifier is helping workers punch up, and it's super effective    VPN Privacy & Security Russia’s solution to its VPN crackdown breaking the internet? A state-owned VPN    Software iOS 27 to introduce high-detail 3D imagery for Apple Maps Flyover    VPN Privacy & Security ‘Surveillance is not safety’ — UK’s device scanning order faces privacy backlash    LATEST ARTICLES

1. 1Apple Maps has a huge iOS 27 upgrade on the way for Flyover that will help you ‘see cities around the world like never before’ — and users think it’s down to Gaussian Splatting, the next big 3D photography craze
2. 2North Korean hackers are at it again — phishing scheme targets hundreds of workers to try and steal crypto and more
3. 3Best World Cup 2026 eSIM deals — Stay connected from the opening game to the final whistle
4. 4Amazon wants to end dodgy knockoffs with its own AI-generated custom merch printing
5. 5Hands on: I've spent over 35 hours sitting in Secretlab's new Atlas task chair and there's a lot I like about it — but I'm still not sure it will dethrone my Herman Miller