Tendvane

← All articles

SecurityJuly 2, 2026

Chrome's fifth zero-day of 2026 is being exploited right now — update your browser today

Google has shipped an emergency Chrome update to close CVE-2026-11645, a memory bug in the browser's V8 JavaScript engine that lets a booby-trapped web page run code on your PC. Google says it is already being exploited in the wild — and it is the fifth actively attacked Chrome zero-day of 2026.

The fix is in Chrome 149.0.7827.102 (and .103 on Mac). Because these flaws can be triggered just by visiting a page, updating quickly matters more than usual.

What to do: open Chrome's menu (⋮) → Help → About Google Chrome. It checks for the update automatically; when it says "Relaunch," click it. Chromium-based browsers like Microsoft Edge, Brave and Opera share the same engine and get the same fix — update those too. Restarting the browser is the step people skip, and the patch does not take effect until you do.

Browsers are the single most attacked app on any home PC, which makes keeping them current the cheapest security win you have. Tendvane's app-update tool lists every out-of-date program on your machine — browsers included — and updates them in one click via winget, so you are not relying on remembering to check each one.

Sources

Download Tendvane