CVE-2026-3909

Description

Out of bounds write in Skia in Google Chrome prior to 146.0.7680.75 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)

Proof of Concept (POC) Links

Explore how this vulnerability can be reproduced or exploited.

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-3909