Actively exploited in the wild
Google Chromium V8 Type Confusion Vulnerability
Google — Chromium V8 · Listed in the CISA KEV since 2023-06-07. This indicates confirmed attacks in production environments.
Required action: Apply updates per vendor instructions.
CVE-2023-3079
HighCVSS 8.8KEVExploitation Probability (EPSS)
Very high risk98th percentile — higher than 98% of all known CVEs
Summary
Type confusion in V8 in Google Chrome prior to version 114.0.5735.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Risk Assessment
An attacker could exploit this vulnerability to gain control over the victim's system, posing a serious security threat to the organization.
Recommendation
It is recommended to update Google Chrome to the latest version to mitigate this vulnerability.
Original NVD description (English source)
Type confusion in V8 in Google Chrome prior to 114.0.5735.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

