CVE-2026-11645: Google Chromium V8 Out-of-Bounds Read and Write

Google Chromium V8 Out-of-Bounds Read and Write Vulnerability. Google Chromium V8 out-of-bounds read and write vulnerability that could allow a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

• CISA KEV-listed (remediation due 2026-06-23)
• EPSS 5.5% (90.4% percentile)

Related briefings

• Google patches a Chrome zero-day already being used in attacks 2026-06-09

Browse the CVE database

Read the full analysis on IntelFusions