CVE-2024-4761

HIGH KEV

Google Chrome < 124.0.6367.207 - Out-of-bounds Write in V8

Title source: llm
STIX 2.1

Exploitation Summary

CVE-2024-4761 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added May 16, 2024. EIP tracks 1 public exploit from researchers including michredteam.

AI-analyzed exploit summary This repository contains a README describing CVE-2024-4761, an out-of-bounds write vulnerability in the V8 JavaScript engine of Google Chrome. It mentions a future release of a Windows binary exploit but does not include any actual exploit code or technical details.

Description

Out of bounds write in V8 in Google Chrome prior to 124.0.6367.207 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)

Exploits (1)

nomisec WRITEUP 4 stars
by michredteam · poc
https://github.com/michredteam/CVE-2024-4761

This repository contains a README describing CVE-2024-4761, an out-of-bounds write vulnerability in the V8 JavaScript engine of Google Chrome. It mentions a future release of a Windows binary exploit but does not include any actual exploit code or technical details.

Classification
Writeup 90%
Attack Type
Other
Complexity
Theoretical
Reliability
Theoretical
Target: Google Chrome 124.0.6367.207 and earlier
No auth needed
Prerequisites: Vulnerable version of Google Chrome
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (6)

Core 6

Scores

CVSS v3 8.8
EPSS 0.1101
EPSS Percentile 95.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation active
Automatable no
Technical Impact total

Details

CISA KEV 2024-05-16
VulnCheck KEV 2024-05-09
InTheWild.io 2024-05-09
ENISA EUVD EUVD-2024-44358
CWE
CWE-787
Status published
Products (4)
fedoraproject/fedora 38
fedoraproject/fedora 39
fedoraproject/fedora 40
google/chrome < 124.0.6367.207
Published May 14, 2024
KEV Added May 16, 2024
Tracked Since Feb 18, 2026