Google Patches Two Actively Exploited Chrome Zero-Day Vulnerabilities

First reported

16.03.2026 16:17

Last updated

1 unique sources, 1 articles

Summary

Hide ▲

Google has released security updates for Chrome to address two high-severity zero-day vulnerabilities (CVE-2026-3909 and CVE-2026-3910) that are being actively exploited in the wild. The vulnerabilities involve an out-of-bounds write in the Skia 2D graphics library and an inappropriate implementation in the V8 JavaScript and WebAssembly engine, potentially leading to out-of-bounds memory access or code execution. The patches are available in Chrome versions 146.0.7680.75/76 for Windows and macOS, and 146.0.7680.75 for Linux. These vulnerabilities highlight the ongoing threat of zero-day exploits in widely used software, emphasizing the importance of timely updates and patches to mitigate potential security risks.

Timeline

16.03.2026 16:17 1 articles · 5h ago

Google Patches Two Actively Exploited Chrome Zero-Day Vulnerabilities
Google has released security updates for Chrome to address two high-severity zero-day vulnerabilities (CVE-2026-3909 and CVE-2026-3910) that are being actively exploited in the wild. The vulnerabilities involve an out-of-bounds write in the Skia 2D graphics library and an inappropriate implementation in the V8 JavaScript and WebAssembly engine, potentially leading to out-of-bounds memory access or code execution. The patches are available in Chrome versions 146.0.7680.75/76 for Windows and macOS, and 146.0.7680.75 for Linux.
Show sources

⚡ Weekly Recap: Chrome 0-Days, Router Botnets, AWS Breach, Rogue AI Agents & More — thehackernews.com — 16.03.2026 16:17
Open in new tab

Information Snippets

Google released security updates for Chrome to address two zero-day vulnerabilities (CVE-2026-3909 and CVE-2026-3910) that are being actively exploited.
First reported: 16.03.2026 16:17

1 source, 1 article
Show sources
- ⚡ Weekly Recap: Chrome 0-Days, Router Botnets, AWS Breach, Rogue AI Agents & More — thehackernews.com — 16.03.2026 16:17
CVE-2026-3909 is an out-of-bounds write vulnerability in the Skia 2D graphics library.
First reported: 16.03.2026 16:17

1 source, 1 article
Show sources
- ⚡ Weekly Recap: Chrome 0-Days, Router Botnets, AWS Breach, Rogue AI Agents & More — thehackernews.com — 16.03.2026 16:17
CVE-2026-3910 is an inappropriate implementation vulnerability in the V8 JavaScript and WebAssembly engine.
First reported: 16.03.2026 16:17

1 source, 1 article
Show sources
- ⚡ Weekly Recap: Chrome 0-Days, Router Botnets, AWS Breach, Rogue AI Agents & More — thehackernews.com — 16.03.2026 16:17
The vulnerabilities could result in out-of-bounds memory access or code execution.
First reported: 16.03.2026 16:17

1 source, 1 article
Show sources
- ⚡ Weekly Recap: Chrome 0-Days, Router Botnets, AWS Breach, Rogue AI Agents & More — thehackernews.com — 16.03.2026 16:17
The patches are available in Chrome versions 146.0.7680.75/76 for Windows and macOS, and 146.0.7680.75 for Linux.
First reported: 16.03.2026 16:17

1 source, 1 article
Show sources
- ⚡ Weekly Recap: Chrome 0-Days, Router Botnets, AWS Breach, Rogue AI Agents & More — thehackernews.com — 16.03.2026 16:17