- 63/2026
- Critical
Google has released an updated Chrome version 146.0.7680.80 for Windows and Mac, and version 146.0.7680.80 for Linux.
The addressed vulnerabilities could allow the remote attacker to execute arbitrary code, cause memory corruption, or bypass security restrictions by persuading the victim to install a malicious extension or visit a malicious website.
Sample of the addressed vulnerabilities:
1. Google Chrome Insufficient Data Validation in Navigation Vulnerability (CVE-2026-3545):
- CVSS: 9.6
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Consequences: Bypass Security
2. Google Chrome Inappropriate Implementation in V8 Vulnerability (CVE-2026-3910):
- CVSS: 8.8
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Consequences: Gain Access
It should be highlighted that Google is aware that the vulnerabilities “CVE-2026- 3909” and “CVE-2026-3910” are now being exploited in the wild.
Vulnerabilities
Mitigations
The enterprise should deploy this patch as soon as the testing phase is completed.