Google released an urgent security advisory to address a vulnerability being exploited in the wild. CVE-2026-5281 is a use-after-free vulnerability in Dawn, the open-source implementation of the WebGPU standard. This type of memory corruption flaw occurs when an application continues to use a pointer after the memory it points to has been cleared. Attackers can leverage this to execute arbitrary code or bypass critical security boundaries on a … Continue reading “Google Addresses Zero-day Vulnerability Exploited in the Wild (CVE-2026-5281)”
Tag: Google Chrome
Google Patches Two Chrome Vulnerabilities Exploited in the Wild (CVE-2026-3909 & CVE-2026-3910)
Google released fixes to address two zero-day vulnerabilities impacting its Chrome browser. Tracked as CVE-2026-3909 & CVE-2026-3910, both vulnerabilities have been assigned a high severity rating with a CVSS score of 8.8. Both vulnerabilities were discovered and reported by Google itself on March 10, 2026. CISA also acknowledged the active exploitation of the vulnerabilities and added them to its Known Exploited Vulnerabilities Catalog. CISA urged users to patch the vulnerabilities before March … Continue reading “Google Patches Two Chrome Vulnerabilities Exploited in the Wild (CVE-2026-3909 & CVE-2026-3910)”
Google Patches its First Zero-day Vulnerability of the Year (CVE-2026-2441)
Google released a security advisory to address a high-severity zero-day vulnerability in Chrome. Tracked as CVE-2026-2441, the vulnerability is being exploited in the wild. The vulnerability is a use-after-free flaw in the CSS browser’s CSS handling. An independent researcher, Shaheen Fazim, discovered and reported the vulnerability to Google on February 11, 2026.
Google Patches Zero-day Vulnerability Exploited in Attack (CVE-2025-14174)
Google has issued urgent updates to address another Chrome zero-day vulnerability that is actively being exploited in the wild, making it the eighth security flaw fixed since the beginning of the year.
Another Zero-day Vulnerability impacting Google Chrome (CVE-2025-10585)
On Wednesday, Google rolled out security updates for a Chrome vulnerability actively exploited in the wild. Tracked as CVE-2025-10585, the vulnerability is a type confusion flaw in the V8 JavaScript and WebAssembly engine. Google Threat Analysis Group discovered and reported the vulnerability. CISA acknowledged the vulnerability’s active exploitation by adding it to its Known Exploited Vulnerabilities Catalog and … Continue reading “Another Zero-day Vulnerability impacting Google Chrome (CVE-2025-10585)”
Google Addresses Fifth Zero-day Vulnerability impacting Chrome Browser (CVE-2025-6558)
Google addressed six vulnerabilities impacting the Chrome browser. One of the vulnerabilities tracked as CVE-2025-6558 is being exploited in the wild. Clément Lecigne and Vlad Stolyarov of Google’s Threat Analysis Group discovered and reported the vulnerability to Google.
Google Addresses Zero-day Vulnerability impacting Chrome Browser (CVE-2025-6554)
Chrome browser is vulnerable to a security vulnerability being exploited in the wild. Tracked as CVE-205-6554, this is a type confusion vulnerability in V8. Clément Lecigne of Google’s Threat Analysis Group discovered and reported the vulnerability to Google.
Google Fixes Third Zero-day Vulnerability of 2025 in Chrome (CVE-2025-5419)
Clement Lecigne and Benoît Sevens of Google Threat Analysis Group discovered a high-severity vulnerability impacting the Chrome browser. Tracked as CVE-2025-5419, this is an out-of-bounds read and write vulnerability in V8. Google mentioned in the advisory that they are aware of the active exploitation of vulnerability in the wild. Google addressed the vulnerability with a … Continue reading “Google Fixes Third Zero-day Vulnerability of 2025 in Chrome (CVE-2025-5419)”
Google Releases Fix for Zero-day Vulnerability in Chrome (CVE-2025-4664)
Google released a security advisory to address a zero-day vulnerability tracked as CVE-2025-4664. CVE-2025-4664 is an insufficient policy enforcement in Loader. The vulnerability could allow attackers to bypass security policies within Chrome’s Loader logic, potentially leading to unauthorized code execution or sandbox escape. Google mentioned in the advisory that they are aware of the reports … Continue reading “Google Releases Fix for Zero-day Vulnerability in Chrome (CVE-2025-4664)”
Google Chrome Zero-day Vulnerability Exploited in the Wild (CVE-2025-2783)
Kaspersky researchers Boris Larin and Igor Kuznetsov discovered a high-severity vulnerability in Google Chrome. Tracked as CVE-2025-2783, the vulnerability is being exploited in the wild. This is the first actively exploited Chrome zero-day since the start of the year. Google has not released any technical information about the nature of the attacks. Some reports suggest the … Continue reading “Google Chrome Zero-day Vulnerability Exploited in the Wild (CVE-2025-2783)”