CISA Adds Google Skia and Chromium V8 Vulnerabilities to KEV Catalog
CISA added CVE-2026-3909, an out-of-bounds write vulnerability in Google Skia, and CVE-2026-3910, an unspecified vulnerability in Google Chromium V8 to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation, highlighting the need for timely remediation.
On March 13, 2026, CISA added CVE-2026-3909, an out-of-bounds write vulnerability in Google Skia, and CVE-2026-3910, an unspecified vulnerability in Google Chromium V8, to its Known Exploited Vulnerabilities (KEV) Catalog. These vulnerabilities are actively being exploited in the wild and are considered frequent attack vectors. While CISA’s BOD 22-01 mandates Federal Civilian Executive Branch (FCEB) agencies to remediate these vulnerabilities, CISA strongly urges all organizations to prioritize…
Detection coverage 2
Detect Chrome Executing From Unusual Location
highDetects Google Chrome execution from unusual paths, which can indicate exploitation or malware injection.
Detect Skia Library Loaded by Suspicious Processes
mediumDetects the Skia library being loaded by processes that are not typically associated with it.
Detection queries are kept inside the platform. Get full rules →