CISA Known Exploited Vulnerability
This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.
Remediation Deadline: Mar 27, 2026
Description
Google Chromium V8 contains an improper restriction of operations within the bounds of a memory buffer vulnerability that could allow a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
EPSS — Exploit Probability
Higher than 79.9% of all CVEs
Required Action
https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_12.html ; https://nvd.nist.gov/vuln/detail/CVE-2026-3910
Related Articles (6)
Chrome 146 Update Patches Two Exploited Zero-Days
The flaws can be exploited to manipulate data and bypass security restrictions, potentially leading to code execution.
Mar 13, 2026
Google fixes two new Chrome zero-days exploited in attacks
Google has released emergency security updates to patch two high-severity Chrome vulnerabilities exploited in zero-day attacks.
Mar 13, 2026
CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.
Mar 13, 2026
Google Fixes Two Chrome Zero-Days Exploited in the Wild Affecting Skia and V8
Google patches two Chrome zero-days exploited in the wild, urging updates to version 146.0.7680.75/76 to prevent attacks.
Mar 13, 2026
⚡ Weekly Recap: Chrome 0-Days, Router Botnets, AWS Breach, Rogue AI Agents & More
Catch up on the latest cyber threats, attack trends, security research, botnets, phishing, and critical vulnerabilities.
Mar 16, 2026
Chrome 146 Update Patches High-Severity Vulnerabilities
The software refresh fixes eight memory safety bugs affecting seven Chrome components.
Mar 24, 2026
Risk Assessment
ELEVATEDDetails
- Severity
- High
- EPSS
- 1.3%
- CISA KEV
- Yes
- Ransomware
- Unknown
- Articles
- 6
Timeline
Published
Mar 13, 2026
Added to KEV
Mar 13, 2026
Remediation Due
Mar 27, 2026