Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution

Multiple high-severity vulnerabilities in Google Chrome (CVE-2026-3909 in Skia and CVE-2026-3910 in V8) could allow arbitrary code execution in the context of the logged-on user through drive-by compromise (Initial Access: TA0001, Technique: T1189). Exploitation could permit attackers to install programs, view/change/delete data, or create accounts with the user’s privileges; users with reduced rights would be less impacted. The report does not indicate active exploitation in the wild.