Vulnerability intelligence

CVE-2022-3723

Google Chromium V8 Type Confusion Vulnerability

Google Chromium V8

Type confusion in V8 in Google Chrome prior to 107.0.5304.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVSS Score

8.8

High

EPSS — Exploit Probability

0.5%

Riskier than 67% of all CVEs

Exploitation

Confirmed in the wild

Used in ransomware campaigns

Remediation

Patch available

Federal deadline 2022-11-18

CISA required action

Apply updates per vendor instructions. Deadline for federal agencies: 2022-11-18.

NVD entry Vendor patch PoC / advisory CISA KEV

1 article across 1 outlet · first covered May 3, 2026 · latest May 3, 2026

Coverage timeline

Spyware vendors use 0-days and n-days against popular platforms
blog.google · May 3, 2026

Related CVEs — Google

CVE-2026-11645KEV CVE-2022-4135KEV CVE-2026-5281KEV