谷歌发布Chrome紧急更新，修复两个已被攻击者利用的零日漏洞CVE-2026-3909和CVE-2026-3910。第一个漏洞影响图形库Skia，存在越界写入问题；第二个漏洞位于V8引擎，存在不当实现缺陷。谷歌证实这两个漏洞的利用代码已在野外传播，但未透露具体攻击细节。修复程序已包含在最新稳定版更新中，用户需重启浏览器完成安装。

JavaScript is a programming language that developers use to make interactive webpages. JavaScript has made webpages and web applications dynamic. It is responsible for refreshing social media feeds, ...

Two days after releasing Chrome 146, Google's unscheduled update addresses two security flaws that are already being exploited in the wild.

The vulnerability in the Chrome V8 JavaScript engine is rated as high severity and was discovered by Google’s Threat Analysis Group. The Google Chrome team issued an update to fix a high-severity ...

Google has released emergency security updates to patch two high-severity Chrome vulnerabilities exploited in zero-day ...

Google has released an out-of-band Chrome update to patch two zero-day vulnerabilities that are already being actively exploited.

A：该漏洞可能允许恶意扩展程序控制Chrome的Gemini Live面板，实现权限升级。攻击者可以在未经许可的情况下访问受害者的摄像头和麦克风，对任何网站进行截屏，访问本地文件，并向特权页面注入恶意脚本或HTML代码。

Skia graphics lib and V8 JavaScript engine brings browser's tally of actively exploited bugs to three in 2026 Google has ...

Google has rushed out a Chrome 146 security update that patches two zero-day vulnerabilities exploited in the wild.

Chrome on Windows, Mac, Linux, and Android are affected.

This high-severity Chrome Gemini vulnerability lets malicious extensions spy on your PC ...