Chrome emergency zero-day patch (CVE-2026-3909, CVE-2026-3910)
Security Patch Release
Summary
Hide ▲
Show ▼
Google pushed an emergency Chrome update for Stable Desktop users on Windows, macOS, and Linux after confirming CVE-2026-3909 and CVE-2026-3910 are exploited in the wild. The patch reduces risk from Skia and V8 flaws that can lead to browser crashes or code execution. Google said the out-of-band rollout may take days or weeks, so users may need to check for updates manually.
Related Happenings
DuckDuckGo browser rolls out built-in YouTube ad blocking on iOS, Mac, Windows, and Android
Security Tool/Service
H score11
First: 08.07.2026 15:00
Last: 08.07.2026 15:00
Sources 1
About this happening:
DuckDuckGo's browser added **built-in YouTube ad blocking**, reducing interruptions for people watching videos on the standard **YouTube** site. The rollout is enabled by default...
DuckDuckGo browser rolls out built-in YouTube ad blocking on iOS, Mac, Windows, and Android
Security Tool/ServiceAbout this happening: DuckDuckGo's browser added **built-in YouTube ad blocking**, reducing interruptions for people watching videos on the standard **YouTube** site. The rollout is enabled by default...
Google Chrome 149 security update
Security Patch Release
H score28
First: 12.06.2026 12:27
Last: 12.06.2026 12:27
Sources 1
About this happening:
Google rolled out **Chrome 149** for **Windows, macOS, and Linux**, resolving **28 critical and high-severity vulnerabilities**. The update reduces risk from browser compromise, m...
Google Chrome 149 security update
Security Patch ReleaseAbout this happening: Google rolled out **Chrome 149** for **Windows, macOS, and Linux**, resolving **28 critical and high-severity vulnerabilities**. The update reduces risk from browser compromise, m...
Google security patch release for CVE-2026-11645
Security Patch Release
H score56
First: 09.06.2026 09:56
Last: 09.06.2026 09:56
Sources 1
About this happening:
**Google** released **emergency Chrome updates** to fix **CVE-2026-11645**, a **zero-day** that had already been **exploited in the wild**. The patched release covers **Chrome Sta...
Google security patch release for CVE-2026-11645
Security Patch ReleaseAbout this happening: **Google** released **emergency Chrome updates** to fix **CVE-2026-11645**, a **zero-day** that had already been **exploited in the wild**. The patched release covers **Chrome Sta...
Google security patch release for CVE-2026-10881
Security Patch Release
H score26
First: 06.06.2026 10:28
Last: 06.06.2026 10:28
Sources 1
About this happening:
Google shipped **Chrome 149** with patches for **429 security bugs**, including **CVE-2026-10881** in **ANGLE**, creating a broad browser update for users on **Linux, Windows, and...
Google security patch release for CVE-2026-10881
Security Patch ReleaseAbout this happening: Google shipped **Chrome 149** with patches for **429 security bugs**, including **CVE-2026-10881** in **ANGLE**, creating a broad browser update for users on **Linux, Windows, and...
ExploitBench benchmark shows frontier AI models can stage Chrome exploit chains against vulnerable V8 builds
Technical Analysis
H score16
First: 04.06.2026 16:00
Last: 04.06.2026 16:00
Sources 1
About this happening:
Bugcrowd’s **ExploitBench** now shows frontier AI models can progress through staged **Google Chrome** exploit chains, raising the risk of faster **AI-assisted exploit development...
ExploitBench benchmark shows frontier AI models can stage Chrome exploit chains against vulnerable V8 builds
Technical AnalysisAbout this happening: Bugcrowd’s **ExploitBench** now shows frontier AI models can progress through staged **Google Chrome** exploit chains, raising the risk of faster **AI-assisted exploit development...
Timeline
-
13.03.2026 11:17 1 articles · 3mo ago
Google reports Chrome zero-day findings in Skia and V8
Initial DisclosureGoogle discovers and reports CVE-2026-3909, an out-of-bounds write vulnerability in the Skia 2D graphics library, and CVE-2026-3910, an inappropriate implementation vulnerability in the V8 JavaScript and WebAssembly engine, on March 10, 2026; both issues are reachable via crafted HTML pages.
Show sources
- Google Fixes Two Chrome Zero-Days Exploited in the Wild Affecting Skia and V8 — thehackernews.com — 13.03.2026 11:17
-
13.03.2026 11:17 1 articles · 3mo ago
Google ships Chrome fixes for exploited zero-days
Mitigation Patch UpdateGoogle releases Chrome security updates for Windows, macOS, and Linux to fix CVE-2026-3909 and CVE-2026-3910, advising users to install 146.0.7680.75/76 on Windows and macOS or 146.0.7680.75 on Linux and relaunch the browser.
Show sources
- Google Fixes Two Chrome Zero-Days Exploited in the Wild Affecting Skia and V8 — thehackernews.com — 13.03.2026 11:17
-
13.03.2026 08:56 2 articles · 3mo ago
Google releases emergency Chrome patch for two exploited zero-days
Mitigation Patch UpdateGoogle released emergency security updates for Chrome Stable Desktop on Windows, macOS, and Linux to fix CVE-2026-3909 in Skia and CVE-2026-3910 in the V8 JavaScript and WebAssembly engine after confirming exploits exist in the wild. The out-of-band update was rolled out within two days of reporting and may take days or weeks to reach all users, with version updates including 146.0.7680.75 and 146.0.7680.76.
Show sources
- Google fixes two new Chrome zero-days exploited in attacks — www.bleepingcomputer.com — 13.03.2026 08:56
- Google Fixes Two Chrome Zero-Days Exploited in the Wild Affecting Skia and V8 — thehackernews.com — 13.03.2026 11:17