Google Chrome has a high-severity zero-day (CVSS 8.8) confirmed exploited in the wild via malicious webpages, representing the fourth Chrome zero-day exploited in attacks in 2026. The CVE identifier was not confirmed in source data at time of reporting; the authoritative record and patched version number should be obtained from the Chrome Releases blog at https://chromereleases.googleblog.com before relying on specific build details. All organizations should immediately deploy the patched Chrome version via endpoint management tooling and verify version compliance across the fleet, prioritizing internet-facing workstations and privileged-access endpoints.