Latest Cyber Security News

You are here: Home / General Cyber Security News / Google Fixes Two Chrome Zero-Days Exploited in the Wild Affecting Skia and V8
March 13, 2026

Google on Thursday released security updates for its Chrome web browser to address two high-severity vulnerabilities that it said have been exploited in the wild.

The list of vulnerabilities is as follows –

  • CVE-2026-3909 (CVSS score: 8.8) – An out-of-bounds write vulnerability in the Skia 2D graphics library that allows a remote attacker to perform out-of-bounds memory access via a crafted HTML page.
  • CVE-2026-3910 (CVSS score: 8.8) – An inappropriate implementation vulnerability in the V8 JavaScript and WebAssembly engine that allows a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.

Both vulnerabilities were discovered and reported by Google itself on March 10, 2026. As is customary in these cases, no details are available about how the issues are being abused in the wild and who is behind the efforts. This is done so as to prevent other threat actors from exploiting the issues.

✔ Approved From Our Partners
AOMEI Backupper Lifetime

Protect and backup your data using AOMEI Backupper. AOMEI Backupper takes secure and encrypted backups from your Windows, hard drives or partitions. With AOMEI Backupper you will never be worried about loosing your data anymore.

Get AOMEI Backupper with 72% discount from an authorized distrinutor of AOMEI: SerialCart® (Limited Offer).

➤ Activate Your Coupon Code


Cybersecurity

“Google is aware that exploits for both CVE-2026-3909 and CVE-2026-3910 exist in the wild,” the company noted.

The development comes less than a month after Google shipped fixes for a high-severity use-after-free bug in Chrome’s CSS component (CVE-2026-2441, CVSS score: 8.8) that had also been exploited as a zero-day. Google has patched a total of three actively weaponized Chrome zero-days since the start of the year.

For optimal protection, users are advised to update their Chrome browser to versions 146.0.7680.75/76 for Windows and Apple macOS, and 146.0.7680.75 for Linux. To make sure the latest updates are installed, users can navigate to More > Help > About Google Chrome and select Relaunch.

Users of other Chromium-based browsers, such as Microsoft Edge, Brave, Opera, and Vivaldi, are also advised to apply the fixes as and when they become available.

Found this article interesting? Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post.


Some parts of this article are sourced from:
thehackernews.com

Reader Interactions

Leave a Reply

Your email address will not be published. Required fields are marked *