【Vulnerability Alert】Chromium-based browsers contain 31 high-risk security vulnerabilities. Please verify and apply the necessary patches as soon as possible.

publish date : 2026-03-20 update date : 2026-03-20

Source: Ministry of education information & communication security contingency platform

"" "" ""

Publication Number TACERT-ANA-2026031911035656 Publication Time 2026/03/19 11:02
Incident Type ANA-Vulnerability Alert Discovery Time 2026/03/19 11:02
Impact Level Medium  
[Subject]
【Vulnerability Alert】Chromium-based browsers contain 31 high-risk security vulnerabilities. Please verify and apply the necessary patches as soon as possible.
[Content]
Forwarded from the National Institute of Cyber Security NISAC-200-202603-00000010

Security researchers have discovered that Chromium-based browsers, including Google Chrome, Microsoft Edge, Vivaldi, Brave, and Opera, contain 31 high-risk security vulnerabilities (CVE-2026-3909, CVE-2026-3910, CVE-2026-3913 to CVE-2026-3932, and CVE-2026-3934 to CVE-2026-3942). The vulnerability types include Out-of-bounds Write, Code Injection, and Use After Free. In the worst-case scenario, an unauthenticated remote attacker could exploit these vulnerabilities via specially crafted HTML pages to execute arbitrary code within the browser sandbox environment. Among them, CVE-2026-3909 and CVE-2026-3910 have already been exploited by attackers. Please verify your systems and apply the necessary patches as soon as possible.

(Information Sharing Level: WHITE (Information content can be publicly disclosed)
[Affected Platform]
Google Chrome versions prior to 146.0.7680.80 (excluding 146.0.7680.80)
Microsoft Edge versions prior to 146.0.3856.62 (excluding 146.0.3856.62)
Vivaldi versions prior to 7.8.3925.81 (excluding 7.8.3925.81)
Brave versions prior to 1.88.132 (excluding 1.88.132)
Opera versions prior to 128.0.5807.77 (excluding 128.0.5807.77)

[Recommended Actions]

  1. Please update Google Chrome to version 146.0.7680.80 (inclusive) or later.
    https://support.google.com/chrome/answer/95414?hl=zh-Hant

  2. Please update Microsoft Edge to version 146.0.3856.62 (inclusive) or later.
    https://support.microsoft.com/zh-tw/topic/microsoft-edge-%E6%9B%B4%E6%96%B0%E8%A8%AD%E5%AE%9A-af8aaca2-1b69-4870-94fe-18822dbb7ef1

  3. Please update Vivaldi to version 7.8.3925.81 (inclusive) or later.
    https://help.vivaldi.com/desktop/install-update/update-vivaldi/

  4. Please update Brave to version 1.88.132 (inclusive) or later.
    https://community.brave.com/t/how-to-update-brave/384780

  5. Please update Opera to version 128.0.5807.77 (inclusive) or later.
    https://help.opera.com/en/latest/crashes-and-issues/#updateBrowser

 
[Reference]
1. https://support.google.com/chrome/answer/95414?hl=zh-Hant
2. https://support.microsoft.com/zh-tw/topic/microsoft-edge-%E6%9B%B4%E6%96%B0%E8%A8%AD%E5%AE%9A-af8aaca2-1b69-4870-94fe-18822dbb7ef1
3. https://help.vivaldi.com/desktop/install-update/update-vivaldi/
4. https://community.brave.com/t/how-to-update-brave/384780
5. https://help.opera.com/en/latest/crashes-and-issues/#updateBrowser
6. https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html
7. https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_12.html
8. https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_13.html
9. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3909
10. https://vivaldi.com/blog/desktop/autohide-and-security-updates-vivaldi-browser-snapshot-3970-28/
11. https://www.reddit.com/r/brave_browser/comments/1rtmkxf/release_channel_188132/
12. https://blogs.opera.com/security/2026/03/update-your-browser-security-fix-for-chrome-zero-day-cve-2026-3910/
(This notification is for informational purposes only and does not constitute a cybersecurity incident).
If you have questions or suggestions regarding this notification, please feel free to contact us.
Ministry of education information & communication security contingency platform
Website: https://info.cert.tanet.edu.tw/
Phone: +886-7-5250211
Internet Phone: 98400000
E-Mail: service@cert.tanet.edu.tw
Organizer: Computer Center