https://techmonitor.ai/technology/cybersecurity/zero-day-vulnerability-google-chrome-browser

A critical vulnerability in Google's Chrome web browser has been exploited in the wild, the tech giant has admitted in a new security update. Named CVE-2023-4863 by the search giant, the flaw – patched by the update – is a 'zero-day' vulnerability with no known remedy and was caused by a "WebP heap buffer overflow" weakness in the Chrome browser. When exploited, the flaw can allow outside parties to run commands on target devices remotely. Google added that it was "aware that an exploit for CVE-2023-4863 exists in the wild," but did not provide further details about the vulnerability.  

"Access to bug details and links may be kept restricted until a majority of users are updated with a fix," Google said. "We will also retain restrictions if the bug exists in a third-party library that other projects similarly depend on, but haven't yet fixed."