WireByte

Home / Latest

Google Patches Fifth Exploited Chrome Zero-Day of 2026
Image: Wikipedia
Latest

Google Patches Fifth Exploited Chrome Zero-Day of 2026

WireByte Staff · June 9, 2026

Google has released an emergency update for its Chrome browser, addressing the fifth actively exploited zero-day vulnerability of 2026. The flaw, impacting the V8 JavaScript engine, was reportedly exploited in the wild. Google awarded a researcher $55,000 for discovering and reporting the bug, which has now been patched across Windows, macOS, and Linux.

Key points

  • Google released a patch for its fifth actively exploited Chrome zero-day vulnerability of 2026.
  • The flaw, identified as CVE-2026-11645, is an out-of-bounds memory access bug within Chrome's V8 JavaScript engine.
  • The vulnerability was confirmed to be exploited in the wild by an unknown researcher.
  • Google awarded the bug finder, identified by the handle "303f06e3", a $55,000 bounty.
  • The patch is available for Chrome on Windows, macOS, and Linux, urging users to update immediately.

Google has swiftly addressed a critical security vulnerability in its Chrome browser, marking the fifth actively exploited zero-day discovered and patched this year. The flaw, officially designated CVE-2026-11645, resides within the V8 JavaScript engine, a core component of the browser.

While Google has been tight-lipped on specifics, citing the need to prevent further exploitation, the company confirmed the vulnerability was being used in real-world attacks. This discovery prompted an immediate patch, rolled out for the Stable Channel releases on Windows, macOS, and Linux. Users are strongly advised to update their browsers to the latest version as soon as possible.

In recognition of the severity and timely report, Google rewarded the security researcher, known online as "303f06e3," with a $55,000 bounty. This payment underscores the potential impact of vulnerabilities within the V8 engine, which has been a frequent target for attackers over the years. This latest patch signifies an ongoing challenge for Chrome developers in maintaining robust security against emerging threats.

Sources

WireByte Staff — Editorial Team

The WireByte editorial team synthesises technology news from multiple primary sources, verifies the facts, and links every source. Articles are produced with AI assistance and reviewed under our editorial policy.