It is this time of the week again. Google has just released a security update for its Chrome web browser to patch two security issues with known attacks in the wild.
The update, which is available for Chrome on all desktop platforms and for Android, addresses two security issues. Google rates both with a severity rating of high.
The first issue is an out of bounds write in Skia, the specialized 2D graphics engine that is responsible for nearly everything that you see on the screen. It draws shapes, renders text, or displays images.
The second vulnerability is an inappropriate implementation in V8, another core component of all Chromium-based browsers. It is Google’s open source JavaScript and WebAssembly engine.
Google writes:
[N/A][491421267] High CVE-2026-3909: Out of bounds write in Skia. Reported by Google on 2026-03-10
[N/A][491410818] High CVE-2026-3910: Inappropriate implementation in V8. Reported by Google on 2026-03-10
Google is aware that exploits for both CVE-2026-3909 & CVE-2026-3910 exist in the wild.
Most unmanaged Chrome installations should receive the update automatically. You can speed it up by loading chrome://settings/help, if Chrome is open. Windows users may also run winget upgrade google.chrome.exe from the command line to upgrade the browser without opening it.
Expect upgrades for other Chromium-based browsers in the coming hours and days as well, as all use the very same components.