CVE-2026-11645: Google Chromium V8 Out-of-Bounds Read and Write Vulnerability

Out of bounds read and write in V8 in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-11645CVSS 8.8CISA KEVKnown Exploited

CVE-2026-11645: Google Chromium V8 Out-of-Bounds Read and Write Vulnerability

Out of bounds read and write in V8 in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

CVSS
8.8 HIGH
EPSS
73.7%
Known exploited
yes
Product
Chromium V8

What is known

Out of bounds read and write in V8 in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

Sources