CVE-2022-3723
Exploited in the Wild
✓ Confirmed 0-Day
★ Google Project Zero
Triaged: March 3, 2026
10 articles
EPSS Score
Source: FIRST.org · 2026-05-24
0.51%
probability
This CVE has a 0.51% probability
of being exploited in the next 30 days.
0%
Top 66.4th percentile of all CVEs
100%
CVSS score unavailable
Neither CIRCL nor NVD returned a CVSS score for this CVE.
View on VulnerabilityLookup ↗
Description
Project ZeroType confusion in V8
Attack Intelligence
Google Project Zero
Discovered
Oct. 25, 2022
Patched
Oct. 27, 2022
Reported by
Jan Vojtěšek, Milánek, and Przemek Gmerek of Avast
Root Cause Analysis
https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2022/CVE-2022-3723.html
Google Rolls Out New Chrome Browser Update to Patch Yet Another Zero-Day Vulnerability
TheHackerNews
Google Chrome emergency update fixes 9th zero-day of the year
BleepingComputer
Dec 02, 2022
November 2022 Patch Tuesday | Microsoft Releases 65 New Vulnerabilities With 10 Critical; Adobe Releases Zero Advisories (for the First Time in Six Years).
Qualys
Nov 08, 2022
Google pushes emergency Chrome update to fix 8th zero-day in 2022
BleepingComputer
Nov 25, 2022
Google fixes seventh Chrome zero-day exploited in attacks this year
BleepingComputer
Oct 28, 2022
Google finds more Android, iOS zero-days used to install spyware
BleepingComputer
Mar 29, 2023
Security Advisory 2023-024
CERT-EU
Apr 18, 2023
Security Advisory 2022-075
CERT-EU
Oct 28, 2022
Signal Intelligence
Confidence
92%
EPSS
0.51%
Mentions
10
Last Seen
Apr 18, 2023
CNA Information
Analyst Note
CVE-2022-3723 demonstrates strong confirmation indicators including a HIGH CVSS score (8.8), identification by Google Project Zero, and multiple official security advisories from CERT-EU. The vulnerability affects a widely-deployed browser with a clear technical description of type confusion leading to heap corruption, providing solid evidence for the confirmed status.
Triage Info
Decided atMar 03, 2026