You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve 2026 0899
About this tag
CVE-2026-0899 is an out-of-bounds memory access vulnerability in the V8 JavaScript engine that was fixed upstream in Chrome 144, with Google rolling out the fix on January 13, 2026. Microsoft documents this Chromium-assigned CVE in its Security Update Guide because Microsoft Edge, being Chromium-based, consumes Chromium open-source code. The SUG entry serves as Microsoft's downstream statement that a given Edge build includes the patch. To verify your browser is patched, check that your Edge or Chrome version is at or above the fixed build. This tag covers discussions on how to confirm the patch status and understand the relationship between Chromium CVEs and Microsoft's security advisories.
Title: Why CVE-2026-0899 (V8 out‑of‑bounds) shows up in Microsoft’s Security Update Guide — and how to check whether your browser is patched
Summary
CVE-2026-0899 is an out‑of‑bounds memory access bug in the V8 JavaScript engine that was fixed upstream in Chrome 144. Google started rolling the...