CVE-2026-3910 - Vulnerability Analysis
HighCVSS: 8.8Last Updated: March 13, 2026
Google Chrome - Remote Code Execution
Overview
Google Chrome < 146.0.7680.75 contains a remote code execution caused by inappropriate implementation in V8 engine, letting remote attackers execute arbitrary code inside sandbox via crafted HTML page.
Severity & Score
Impact
Remote attackers can execute arbitrary code inside the sandbox, potentially compromising the browser environment.
Mitigation
Update to version 146.0.7680.75 or later.
References
Social Media Activity(2 posts)
⚪️ Google Fixes Two 0-Day Vulnerabilities in Chrome 🗨️ Google developers have released an emergency update for the Chrome browser that fixes two zero-day vulnerabilities, which were already being exploited in real-world attacks. “Google is aware that exploits exist for vulnerabilities CVE-2026-3909 and CVE-2026-3910,” according to the security bulletin… 🔗 https://hackmag.com/news/two-chrome-0days?utm_source=mastodon&utm_medium=social&utm_campaign=repost_hackmag_to_socials #news
View original post
Google posted this yesterday, addressing CVE-2026-3909 and CVE-2026-3910. Long Term Support Channel Update for ChromeOS https://chromereleases.googleblog.com/ #Google #Chrome #infosec
View original postRelated Resources
Details
- CVE ID
- CVE-2026-3910
- Severity
- High
- CVSS Score
- 8.8
- Type
- undefined
- Status
- confirmed
- EPSS
- 1119.6%
- Social Posts
- 2
CWE
- CWE-94
- CWE-119
CVSS Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H