CYBERSIXT Signal Over Noise
securityaffairs.com 3/13/2026, 10:46:53 PM · external

U.S. CISA adds Google Chrome flaws to its Known Exploited Vulnerabilities catalog

U.S. CISA adds Google Chrome flaws to its Known Exploited Vulnerabilities catalog
CyberSIXT Evidence Panel
Primary Source cisa.gov
CVE Intel
CVE-2026-3909 - NVD CISA KEV due 2026-03-27 8.8 HIGH
CVE-2026-3910 - NVD CISA KEV due 2026-03-27 8.8 HIGH
CISA KEV Listed in KEV
Patch Patch Available

THE U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two Google Chrome vulnerabilities, CVE-2026-3909 and CVE-2026-3910, to its Known Exploited Vulnerabilities (KEV) catalog. Both vulnerabilities, which have a CVSS score of 8.8, can be exploited by remote attackers to execute arbitrary code or cause memory corruption through specially crafted HTML pages. Google has acknowledged that exploits for these vulnerabilities exist in the wild and has released updates to address them. Federal agencies are required to rectify these vulnerabilities by March 27, 2026, according to Binding Operational Directive (BOD) 22-01.

View Primary Source Via securityaffairs.com

Article by CyberSIXT