CVE-2022-26871

Exploited in the Wild ✓ Confirmed 0-Day ★ Google Project Zero
Triaged: March 5, 2026
VulnLookup ↗ NVD ↗ MITRE ↗ Advisory ↗ P0 Sheet ↗ CISA KEV ↗

EPSS Score

Source: FIRST.org · 2026-05-24
19.44%
probability
This CVE has a 19.44% probability of being exploited in the next 30 days.
0% Top 95.5th percentile of all CVEs 100%
CVSS score unavailable
Neither CIRCL nor NVD returned a CVSS score for this CVE. View on VulnerabilityLookup ↗

Description

Project Zero
Arbitrary file upload remote code execution

Attack Intelligence

Google Project Zero

Patched
March 31, 2022
Reported by
Trend Micro Research
Root Cause Analysis
???

Signal Intelligence

Confidence
95%
EPSS 19.44%
Mentions 0

CNA Information

Analyst Note

Auto-imported from Google Project Zero — confirmed zero-day by definition.

Triage Info

Decided atMar 05, 2026