Chrome Users Need To Update Now As Google Patches Another Active Zero-Day

hero google chrome logo tools update image
Google's latest Stable Channel update for Google Chrome on desktop includes a whopping 74 security fixes, including a patch for major zero-day (CVE-2026-11645) that is currently being exploited out in the wild.

CVE-2026-11645 was reported to Google two weeks ago and relates to a Chrome V8 JavaScript engine vulnerability that allows attackers to exploit an out-of-bounds memory error to execute arbitrary code within the browser. This allows attackers to access data outside of intended memory bounds, and Google confirms that the exploit has been used for real-world attacks.

For those who want to make sure they receive the update as soon as possible, just open up the triple-dot Settings menu on Chrome, go to the "Help" dropdown, and click "About Google Chrome." Doing this will open up the page screenshotted below, at which point the latest available Chrome update will be automatically downloaded to your system and applied after a restart.

chrome update v149

As highlighted by Bleeping Computer, this is the fifth zero-day Chrome exploit Google has addressed since the beginning of the year.

Other issues included CVE-2026-2441, which exploited Chrome's CSS font feature values, and CVE-2026-5281, which exploited Chrome's WebGPU implementation. One other zero-day, CVE-2026-3909 was also an out-of-bounds vulnerability, but for writes in the Skia 2D graphics library. CVE-2026-3910 related to an implementation vulnerability in V8 JavaScript and WebAssembly.

Cybersecurity has been front and center in the news lately. AI has accelerated both the development of new threats and the discovery of more vulnerabilities.

Of the 74 security fixes included in the new Chrome update, 17 CVEs were rated "Critical", 56 were rated "High", and only 2 were rated "Medium." While it's good that Google seems to be staying on top of these (and even lists the tools it used to find many of them,) it is a little off-putting to see just how many exploits are continuously being discovered in software as pervasive as Chrome. Hopefully, users will remain mindful of consistent security patches and good practices as we move further into the AI-assisted era of cybersecurity and cyber attacks.
Chris Harper

Chris Harper

Christopher Harper is a tech writer with over a decade of experience writing how-tos and news. Off work, he stays sharp with gym time & stylish action games.