- Google urgently released patches for two high-severity Chrome vulnerabilities already being actively exploited in attacks, which the company confirmed.
- The flaws, CVE-2026-3909 and CVE-2026-3910, allow remote attackers to execute arbitrary code or access memory via a crafted webpage, according to official details.
- This marks the third time in 2026 that Google has had to patch zero-day exploits in its Chrome browser, following a similar fix less than a month prior.
- Users of Chrome and other Chromium-based browsers like Microsoft Edge and Brave are strongly advised to update immediately to the latest versions.
On Thursday, March 13, 2026, Google issued a critical security update for its Chrome web browser to combat two high-severity vulnerabilities already weaponized by attackers in active campaigns.
Specifically, the first flaw, designated CVE-2026-3909, is an out-of-bounds write issue within the Skia graphics library. Consequently, this allows a remote attacker to perform unauthorized memory access via a malicious HTML page.
The second vulnerability, CVE-2026-3910, involves an inappropriate implementation in the V8 JavaScript engine. This flaw similarly lets an attacker execute arbitrary code inside the browser’s sandbox through crafted web content.
Google discovered and reported both issues internally on March 10, 2026. However, the company has withheld technical details about the ongoing exploits to prevent further abuse by other threat actors.
“Google is aware that exploits for both CVE-2026-3909 and CVE-2026-3910 exist in the wild,” the firm stated. This urgent development follows another high-severity zero-day patch released for Chrome less than a month ago.
For protection, users must update to Chrome versions 146.0.7680.75/76 for Windows and macOS, or 146.0.7680.75 for Linux. Meanwhile, users of other Chromium-based browsers should apply fixes as soon as they become available from their respective vendors.
✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.
