【資安漏洞預警】以Chromium為基礎之瀏覽器存在74個高風險安全漏洞，請儘速確認並進行修補

【資安漏洞預警】以Chromium為基礎之瀏覽器存在74個高風險安全漏洞，請儘速確認並進行修補
[Security Vulnerability Alert] Chromium-based browsers contain 74 high-risk security vulnerabilities. Please identify and patch them as soon as possible.

發布單位：圖資處數位服務組

日期範圍：2026/6/18 ～ 2026/12/18

發布單位：圖資處數位服務組

日期範圍：2026/6/18 ～ 2026/12/18

行政行政公告

全體

轉發國家資安資訊分享與分析中心資安訊息警訊 NISAC-200-202606-00000006

[內容說明]
研究人員發現Google Chrome、Microsoft Edge、Vivaldi、Brave及Opera等以Chromium為基礎之瀏覽器存在74個高風險安全漏洞(CVE-2026-11628至CVE-2026-11701)，類型包含使用釋放後記憶體(Use After Free)與越界記憶體存取(Out-of-Bounds Memory Access)等，最嚴重可使未經身分鑑別之遠端攻擊者誘使使用者開啟特製HTML頁面，進而於瀏覽器沙盒環境內執行任意程式碼。其中CVE-2026-11645已遭駭客利用，請儘速確認並進行修補。

[影響平台]
Google Chrome 149.0.7827.102(不含)以前版本
Microsoft Edge 149.0.4022.62(不含)以前版本
Vivaldi 8.0.4033.46 (不含)以前版本
Brave 1.91.171(不含)以前版本
Opera 132.0.5905.37(不含)以前版本

[建議措施]
1.請更新Google Chrome瀏覽器至149.0.7827.102(含)以後版本 https://support.google.com/chrome/answer/95414?hl=zh-Hant

2.請更新Microsoft Edge瀏覽器至149.0.4022.62(含)以後版本 https://support.microsoft.com/zh-tw/topic/microsoft-edge-%E6%9B%B4%E6%96%B0%E8%A8%AD%E5%AE%9A-af8aaca2-1b69-4870-94fe-18822dbb7ef1

3.請更新Vivaldi瀏覽器至8.04033.46(含)以後版本 https://help.vivaldi.com/desktop/install-update/update-vivaldi/

4.請更新Brave瀏覽器至1.91.171(含)以後版本 https://community.brave.com/t/how-to-update-brave/384780

5.請更新Opera瀏覽器至132.05905.37(含)以後版本 https://help.opera.com/en/latest/crashes-and-issues/#updateBrowser

[參考資料]
1. https://support.google.com/chrome/answer/95414?hl=zh-Hant
2. https://support.microsoft.com/zh-tw/topic/microsoft-edge-%E6%9B%B4%E6%96%B0%E8%A8%AD%E5%AE%9A-af8aaca2-1b69-4870-94fe-18822dbb7ef1
3. https://help.vivaldi.com/desktop/install-update/update-vivaldi/
4. https://community.brave.com/t/how-to-update-brave/384780
5. https://help.opera.com/en/latest/crashes-and-issues/#updateBrowser
6. https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop_0153744567.html
7. https://learn.microsoft.com/en-us/deployedge/microsoft-edge-relnotes-security
9. https://vivaldi.com/blog/desktop/tabs-and-site-info-vivaldi-browser-snapshot-4070-3/
10. https://brave.com/latest/
11. https://blogs.opera.com/security/2026/06/update-your-browser-security-fix-for-chrome-zero-day-cve-2026-11645/

Forwarded from National Cybersecurity Information Sharing and Analysis Center: Cybersecurity Alert NISAC-200-202606-00000006

[Content Description]
Researchers have discovered 74 high-risk security vulnerabilities (CVE-2026-11628 to CVE-2026-11701) in Chromium-based browsers such as Google Chrome, Microsoft Edge, Vivaldi, Brave, and Opera. These vulnerabilities include Use After Free and Out-of-Bounds Memory Access, among others. In the most serious cases, unauthenticated remote attackers could trick users into opening specially crafted HTML pages, thereby executing arbitrary code within the browser's sandbox environment. CVE-2026-11645 has already been exploited by hackers; please confirm and patch it as soon as possible.

[Affected Platforms]
Google Chrome versions prior to 149.0.7827.102
Microsoft Edge versions prior to 149.0.4022.62
Vivaldi versions prior to 8.0.4033.46
Brave versions prior to 1.91.171
Opera versions prior to 132.0.5905.37

[Recommended Measures]
1. Please update Google Chrome to version 149.0.7827.102 or later. https://support.google.com/chrome/answer/95414?hl=zh-Hant

2. Please update Microsoft Edge to version 149.0.4022.62 or later.
https://support.microsoft.com/zh-tw/topic/microsoft-edge-%E6%9B%B4%E6%96%B0%E8%A8%AD%E5%AE%9A-af8aaca2-1b69-4870-94fe-18822dbb7ef1

3. Please update Vivaldi browser to version 8.04033.46 or later.
https://help.vivaldi.com/desktop/install-update/update-vivaldi/

4. Please update Brave browser to version 1.91.171 or later.
https://community.brave.com/t/how-to-update-brave/384780

5. Please update Opera browser to version 132.05905.37 or later.
https://help.opera.com/en/latest/crashes-and-issues/#updateBrowser

[References]
1. https://support.google.com/chrome/answer/95414?hl=zh-Hant
2. https://support.microsoft.com/zh-tw/topic/microsoft-edge-%E6%9B%B4%E6%96%B0%E8%A8%AD%E5%AE%9A-af8aaca2-1b69-4870-94fe-18822dbb7ef1
3. https://help.vivaldi.com/desktop/install-update/update-vivaldi/
4. https://community.brave.com/t/how-to-update-brave/384780
5. https://help.opera.com/en/latest/crashes-and-issues/#updateBrowser
6. https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop_0153744567.html
7. https://learn.microsoft.com/en-us/deployedge/microsoft-edge-relnotes-security
9. https://vivaldi.com/blog/desktop/tabs-and-site-info-vivaldi-browser-snapshot-4070-3/
10. https://brave.com/latest/
11. https://blogs.opera.com/security/2026/06/update-your-browser-security-fix-for-chrome-zero-day-cve-2026-11645/

【資安漏洞預警】以Chromium為基礎之瀏覽器存在74個高風險安全漏洞，請儘速確認並進行修補
[Security Vulnerability Alert] Chromium-based browsers contain 74 high-risk security vulnerabilities. Please identify and patch them as soon as possible.

發布單位：圖資處數位服務組

日期範圍：2026/6/18 ～ 2026/12/18

行政行政公告

全體

相關附件

無

【返回上頁】

【資安漏洞預警】以Chromium為基礎之瀏覽器存在74個高風險安全漏洞，請儘速確認並進行修補 [Security Vulnerability Alert] Chromium-based browsers contain 74 high-risk security vulnerabilities. Please identify and patch them as soon as possible.

發布單位：圖資處數位服務組

日期範圍：2026/6/18 ～ 2026/12/18

行政 行政公告

全體

相關附件

無

【返回上頁】

【資安漏洞預警】以Chromium為基礎之瀏覽器存在74個高風險安全漏洞，請儘速確認並進行修補
[Security Vulnerability Alert] Chromium-based browsers contain 74 high-risk security vulnerabilities. Please identify and patch them as soon as possible.

行政行政公告