Google Releases Security Update for Chrome

Security update addresses two exploited high severity vulnerabilities in Google Chrome

Threat ID:: CC-4755
Threat Severity:: Medium
Published:: 13 March 2026 11:34 AM

Report a cyber attack: call 0300 303 5222 or email [email protected]

Summary

Security update addresses two exploited high severity vulnerabilities in Google Chrome

Affected platforms

The following platforms are known to be affected:

Google Chrome for Windows, macOS and Linux

All prior to 146.0.7680.75/76 for Windows
All prior to 146.0.7680.75/76 for macOS
All prior to 146.0.7680.75 for Linux

Threat details

Exploitation of CVE-2026-3909 and CVE-2026-3910

Google is aware that exploits for CVE-2026-3909 and CVE-2026-3910 exist in the wild.

Introduction

Google has released security updates for Chrome to address two high severity vulnerabilities in the Chrome browser.

CVE-2026-3909 - 'Out of bounds write in Skia' vulnerability with a CVSSv3 score of 8.8.
CVE-2026-3910 - 'Inappropriate implementation in V8' vulnerability with a CVSSv3 score of 8.8.

Remediation advice

Affected organisations are encouraged to review Google's Chrome Releases: Stable Channel Update for Desktop advisory and apply the relevant updates as soon as possible.

Definitive source of threat updates

https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_12.html

CVE Vulnerabilities

Status Published

CVE-2026-3909

Out of bounds write in Skia in Google Chrome prior to 146.0.7680.75 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)

Status Published

CVE-2026-3910

Inappropriate implementation in V8 in Google Chrome prior to 146.0.7680.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

Last edited: 13 March 2026 11:34 am