AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

🔥 This vulnerability is being actively exploited in the wild (CISA Known Exploited Vulnerabilities catalog)

CVE-2026-3910: Google Chromium V8 Improper Restriction of Operations Within the Bounds of a Memory Buffer Vulnerability

infovulnerability🔥 Actively Exploited

security

Source: CISA Known Exploited VulnerabilitiesMarch 12, 2026CVE-2026-3910

Summary

Google Chromium V8 has a memory buffer vulnerability (a flaw where operations exceed safe memory boundaries) that lets remote attackers run arbitrary code inside a sandbox through a crafted HTML page. This affects multiple browsers built on Chromium, including Chrome, Microsoft Edge, and Opera, and is currently being actively exploited by attackers.

Solution / Mitigation

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. Due date for action is 2026-03-27.

Vulnerability Details

EPSS (30-day exploit probability)

EPSS: 0.1%

Patch Available

Yes

Exploit Maturity

🔥 Actively Exploited

Disclosure Date

March 12, 2026

Classification

Attack SophisticationModerate

Taxonomy References

CWE (Weakness Type)

CWE-119

CAPEC (Attack Pattern)

CAPEC-100

Original source: https://nvd.nist.gov/vuln/detail/CVE-2026-3910

First tracked: March 13, 2026 at 01:23 PM

Classified by LLM (prompt v3) · confidence: 95%