CVE-2021-21181

✓ Confirmed 0-Day

Triaged: March 20, 2026 2 articles

VulnLookup ↗ NVD ↗ MITRE ↗

EPSS Score

Source: FIRST.org · 2026-05-24

1.36%

probability

This CVE has a 1.36% probability of being exploited in the next 30 days.

0% Top 80.4th percentile of all CVEs 100%

CVSS score unavailable

Neither CIRCL nor NVD returned a CVSS score for this CVE. View on VulnerabilityLookup ↗

Attack Intelligence

CWE-200 · Information Exposure CWE-203 · Observable Discrepancy CWE-664 · Improper Control of a Resource Through its Lifetime CWE-668 · Exposure of Resource to Wrong Sphere

Google fixes second actively exploited Chrome zero-day bug this year

BleepingComputer Mar 02, 2021

Microsoft March 2021 Patch Tuesday fixes 82 flaws, 2 zero-days

BleepingComputer Mar 09, 2021

Signal Intelligence

Confidenceⓘ

85%

EPSS 1.36%

Mentions 2

Last Seen Mar 09, 2021

CNA Information

Analyst Note

Article [1] explicitly names this CVE as an 'actively exploited Chrome zero-day bug' fixed by Google in 2021, indicating exploitation preceded or coincided with patch availability. The CVE year (2021) aligns with the patch timing, and active exploitation is directly confirmed.

Triage Info

Decided atMar 20, 2026