Chrome 146 Update Patches Two Exploited Zero-Days
"Google is aware that exploits for both CVE-2026-3909 & CVE-2026-3910 exist in the wild. CVE-2026-3909 is described as an out-of-bounds write defect in the Skia graphics library. It could be triggered via malicious HTML pages to corrupt memory, which could lead to arbitrary code execution or crashes."
"CVE-2026-3910 is an inappropriate implementation weakness in the V8 JavaScript engine that could allow attackers to craft malicious HTML pages and execute arbitrary code. V8 flaws are often targeted in sandbox escape attacks. Google has not provided details on the exploitation of these vulnerabilities, but Chrome bugs found by Google are often targeted by commercial spyware vendors."
"Both security defects were resolved in Chrome versions 146.0.7680.75/76 for Windows and macOS, and in version 146.0.7680.75 for Linux. Fixes for the bugs were also included in Chrome for Android version 146.0.76380.115. The emergency security update was rolled out two days after Chrome 146 was promoted to the stable channel with fixes for 29 flaws."
Google released an emergency Chrome 146 update addressing two high-severity zero-day vulnerabilities (CVE-2026-3909 and CVE-2026-3910) with CVSS scores of 8.8 that are actively exploited in the wild. CVE-2026-3909 is an out-of-bounds write flaw in the Skia graphics library enabling memory corruption and arbitrary code execution through malicious HTML. CVE-2026-3910 represents an inappropriate implementation weakness in the V8 JavaScript engine allowing arbitrary code execution via crafted HTML pages. The fixes were deployed across Chrome versions 146.0.7680.75/76 for Windows and macOS, 146.0.7680.75 for Linux, and Android version 146.0.76380.115. This emergency update followed Chrome 146's stable release two days prior, which included fixes for 29 vulnerabilities. Google distributed approximately $210,000 in bounty rewards to researchers reporting these bugs.
Read at SecurityWeek