Google has released an urgent Chrome update to patch a pair of actively exploited zero-day vulnerabilities, The Register reports.Fixed by Google were the out-of-bounds bug in Chrome's Skia graphics library, tracked as CVE-2026-3909, which could be leveraged to crash the browser or run attacker code, and the inappropriate implementation defect in the V8 JavaScript and WebAssembly engine, tracked as CVE-2026-3910, which could be abused for script execution on webpages."Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third-party library that other projects similarly depend on, but haven't yet fixed," Google said.Patches are included in the latest Chrome Stable update for Windows, Linux, and macOS. Updates should install automatically, but users can also trigger them manually via Chrome's settings followed by the restart of the browser. Such a development comes nearly a month after Google fixed another actively exploited Chrome zero-day flaw, tracked as CVE-2026-2441.
Vulnerability Management, Patch/Configuration Management
Actively exploited Google Chrome zero-days receive emergency fixes
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds