Home > Vulnerability Database > CVE-2026-1220

Mend.io Vulnerability Database

CVE-2026-1220

Good to know:

Date: January 19, 2026

Race in V8. The flaw could be exploited through specially crafted web content, potentially resulting in memory corruption, browser instability, or arbitrary code execution. Due to the browser’s widespread use, successful exploitation could affect millions of users globally Race conditions occur when multiple processes access shared resources simultaneously, potentially allowing attackers to execute malicious code, crash the browser, or access sensitive information.

Severity Score

8.8

Related Resources (3)

Url: https://chromereleases.googleblog.com/2026/01/stable-channel-update-for-desktop_20.html

Url: https://nvd.nist.gov/vuln/detail/CVE-2026-1220

Url: https://www.mend.io/vulnerability-database/CVE-2026-1220

Severity Score

8.8

Weakness Type (CWE)

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

CWE-362

Top Fix

Upgrade Version

Upgrade to version https://github.com/v8/v8.git - 14.6.1

Learn More

CVSS v3.1

Base Score:	8.8
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	REQUIRED
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

CVE-2026-1220

Good to know:

Date: January 19, 2026

Severity Score

Related Resources (3)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?