{
  "title": "Google Chromium V8 CVE-2026-11645: KEV Out-of-Bounds Execution in JavaScript Engine",
  "summary": "CISA added Google Chromium V8 CVE-2026-11645 to its KEV catalog on 2026-06-09 due to active exploitation. This high-severity out-of-bounds read and write flaw in the V8 engine allows remote attackers to execute arbitrary code or cause browser crashes by luring users to crafted HTML pages.",
  "date": "2026-06-09",
  "severity": "high",
  "tags": [
    "google-chrome",
    "chromium",
    "v8",
    "cisa-kev",
    "zero-day"
  ],
  "sources_count": 3,
  "indicators": {
    "slug": "google-chromium-v8-cve-2026-11645-kev",
    "since": "2026-06-09T00:00:00Z",
    "until": "2026-06-09T23:59:59Z",
    "ecosystem": "",
    "cves": [
      "CVE-2026-11645"
    ],
    "cwes": [
      "CWE-125"
    ],
    "advisoryIds": [],
    "products": [
      "Chromium V8 Engine"
    ],
    "packages": [
      "google-chrome",
      "chromium"
    ],
    "versions": [],
    "affectedVersions": [
      "Chrome < 149.0.7827.102 / 103"
    ],
    "fixedVersions": [
      "149.0.7827.102 (Windows/Linux)",
      "149.0.7827.103 (macOS/Windows)"
    ],
    "files": [],
    "paths": [],
    "services": [],
    "domains": [],
    "urls": [],
    "ips": [],
    "hashes": [],
    "processPatterns": [],
    "networkPatterns": [],
    "telemetrySelectors": [
      "149.0.7827",
      "chrome"
    ]
  }
}