logo

CVE-2026-11645: Exploited Chrome V8 Bug Enables In-Browser Code Execution

ID: b09c7660-4739-50e6-a30e-4e966b1d4159

STIX ID: report--b09c7660-4739-50e6-a30e-4e966b1d4159

Feed Name: SOCRadar Blog

Threat Score
80/100

Date Published: 2026-06-09

Date Updated: 2026-06-10

Author: Ameer Owda

...
...

CVE-2026-11645 is a high-severity (CVSS 8.8) out-of-bounds read/write vulnerability in Chrome's V8 engine that Google states is being exploited in the wild; fixes were released in Chrome 149 Stable on June 8, 2026 (Windows 149.0.7827.102, macOS 149.0.7827.103, Linux 149.0.7827.102) and immediate patching plus browser restart is recommended to mitigate arbitrary in-browser code execution risk.

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.