CVE-2024-0519

Exploited in the Wild ✓ Confirmed 0-Day ★ Google Project Zero

Triaged: March 3, 2026 20 articles

VulnLookup ↗ NVD ↗ MITRE ↗ Advisory ↗ P0 Sheet ↗ CISA KEV ↗

EPSS Score

Source: FIRST.org · 2026-05-24

0.43%

probability

This CVE has a 0.43% probability of being exploited in the next 30 days.

0% Top 62.7th percentile of all CVEs 100%

CVSS score unavailable

Neither CIRCL nor NVD returned a CVSS score for this CVE. View on VulnerabilityLookup ↗

Description

Project Zero

Out-of-bounds memory access

Attack Intelligence

CWE-118 · Incorrect Access of Indexable Resource ('Range Error') CWE-119 · Buffer Overflow CWE-125 · Out-of-bounds Read CWE-664 · Improper Control of a Resource Through its Lifetime CWE-787 · Out-of-bounds Write

Google Project Zero

Discovered

Jan. 11, 2024

Patched

Jan. 16, 2024

Reported by

???

Root Cause Analysis

???

New Chrome Zero-Day Vulnerability CVE-2024-4761 Under Active Exploitation

TheHackerNews

Google Fixes High-Severity Chrome Flaw Actively Exploited in the Wild

TheHackerNews

Google fixes ninth Chrome zero-day tagged as exploited this year

BleepingComputer Aug 21, 2024

Google fixes first actively exploited Chrome zero-day of 2024

BleepingComputer Jan 16, 2024

Google Warns of CVE-2024-7965 Chrome Security Flaw Under Active Exploitation

TheHackerNews

Google patches new Chrome zero-day flaw exploited in the wild

BleepingComputer Jun 09, 2026

Google tags a tenth Chrome zero-day as exploited this year

BleepingComputer Aug 26, 2024

Google fixes eighth actively exploited Chrome zero-day this year

BleepingComputer May 24, 2024

Google fixes third actively exploited Chrome zero-day in a week

BleepingComputer May 15, 2024

Google fixes fifth Chrome zero-day exploited in attacks this year

BleepingComputer May 10, 2024

CISA pushes federal agencies to patch Citrix RCE within a week

BleepingComputer Jan 17, 2024

Chrome Zero-Day Alert — Update Your Browser to Patch New Vulnerability

TheHackerNews

Update Chrome Browser Now: 4th Zero-Day Exploit Discovered in May 2024

TheHackerNews

Google Patches Yet Another Actively Exploited Chrome Zero-Day Vulnerability

TheHackerNews

Google Chrome emergency update fixes 6th zero-day exploited in 2024

BleepingComputer May 14, 2024

Google fixes one more Chrome zero-day exploited at Pwn2Own

BleepingComputer Apr 03, 2024

Google fixes Chrome zero-days exploited at Pwn2Own 2024

BleepingComputer Mar 27, 2024

Zero-Day Alert: Update Chrome Now to Fix New Actively Exploited Vulnerability

TheHackerNews

Security Advisory 2024-044

CERT-EU May 16, 2024

Security Advisory 2024-012

CERT-EU Jan 19, 2024

Signal Intelligence

Confidenceⓘ

92%

EPSS 0.43%

Mentions 20

Last Seen Jun 09, 2026

CNA Information

Analyst Note

CVE-2024-0519 demonstrates strong confirmation indicators: it is a HIGH severity (CVSS 8.8) V8 heap corruption vulnerability in Google Chrome with documented active exploitation in the wild, confirmed by Google Project Zero, and reported by multiple reputable security sources as an actively exploited zero-day. The vulnerability affects a widely-used browser engine and has been formally patched in Chrome 120.0.6099.224.

Triage Info

Decided atMar 03, 2026