Signal

Google fixes two actively exploited zero-day vulnerabilities in Chrome

Evidence first: scan the strongest sources, then decide whether to go deeper.

Published 2026-03-12 23:43 UTCUpdated 2026-03-13 13:23 UTC

rss

cveexploitssecurity_toolingincident_response

Source links open

Source links and full evidence are open here. Archive history, compare-over-time, alerts, exports, API, integrations, and workflow are paid.

Back Evidence (7)Get the free brief by email Start free trial

No card needed for the free brief.

Evidence trail (top sources)

top sources (4 domains)

4 top sources shown

Google Chrome security advisory (AV26-235)

Canadian Centre for Cyber Security - Alerts · News · cyber.gc.ca · 2026-03-13 13:23 UTC

Google rushes Chrome update fixing two zero-days already under attack

The Register Security · News · go.theregister.com · 2026-03-13 11:25 UTC

Google Fixes Two Chrome Zero-Days Exploited in the Wild Affecting Skia and V8

The Hacker News · News · thehackernews.com · 2026-03-13 09:17 UTC

NCSC-2026-0097 [1.00] [M/H] Kwetsbaarheden verholpen in Google Chrome

NCSC NL Security Advisories · News · advisories.ncsc.nl · 2026-03-13 08:33 UTC

View all evidence

Overview

On March 12, 2026, Google released an urgent update for Chrome addressing two critical zero-day vulnerabilities in the V8 JavaScript engine and Skia graphics library.

Entities

GoogleChromeV8 JavaScript engineSkia graphics library

Score total

1.6

Momentum 24h

7

Posts

7

Origins

6

Source types

1

Duplicate ratio

0%

Why now

Google released the patch urgently due to active exploitation in the wild.
Multiple national cybersecurity agencies have issued advisories simultaneously.
This is the third actively exploited Chrome zero-day in 2026, indicating persistent threats.

Why it matters

The vulnerabilities allow remote code execution and unauthorized memory access, risking user security.
Active exploitation means users are currently at risk until patched.
Chrome is widely used; unpatched systems increase global attack surface.

LLM analysis

Topic mix: lowPromo risk: lowSource quality: high

Recurring claims

Google Chrome versions prior to 146.0.7680.75/76 contain two actively exploited zero-day vulnerabilities (CVE-2026-3909 and CVE-2026-3910)

How sources frame it

The Hacker News: neutral

All evidence

All evidence

Google Chrome security advisory (AV26-235)

Canadian Centre for Cyber Security - Alerts · cyber.gc.ca · 2026-03-13 13:23 UTC

Google rushes Chrome update fixing two zero-days already under attack

The Register Security · go.theregister.com · 2026-03-13 11:25 UTC

Google Fixes Two Chrome Zero-Days Exploited in the Wild Affecting Skia and V8

The Hacker News · thehackernews.com · 2026-03-13 09:17 UTC

NCSC-2026-0097 [1.00] [M/H] Kwetsbaarheden verholpen in Google Chrome

NCSC NL Security Advisories · advisories.ncsc.nl · 2026-03-13 08:33 UTC

chromium: CVSS (Max): 9.6*

AusCERT - Bulletins · portal.auscert.org.au · 2026-03-13 00:10 UTC

Multiples vulnérabilités dans Google Chrome (13 mars 2026)

CERT-FR (FR) - All · cert.ssi.gouv.fr · 2026-03-13 00:00 UTC

Show filters & breakdown

Posts loaded: 0Publishers: 6Origin domains: 6Duplicates: -

Platform

Publisher

Origin domain

Relevance tier

Duplicates only

Showing 6 / 0

Top publishers (this list)

Canadian Centre for Cyber Security - Alerts (1)
The Register Security (1)
The Hacker News (1)
NCSC NL Security Advisories (1)
AusCERT - Bulletins (1)
CERT-FR (FR) - All (1)

Top origin domains (this list)

cyber.gc.ca (1)
go.theregister.com (1)
thehackernews.com (1)
advisories.ncsc.nl (1)
portal.auscert.org.au (1)
cert.ssi.gouv.fr (1)