Known Exploited Vulnerability: CVE-2023-4863

Google Chromium WebP Heap-Based Buffer Overflow Vulnerability

Catalog version: 2026.07.16 Date added: 2023-09-13 Due date: 2023-10-04 CISA catalog

Vendor: Google

Product: Chromium WebP

Required action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Known ransomware campaign use: Unknown

Notes: https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_11.html?m=1 https://nvd.nist.gov/vuln/detail/CVE-2023-4863

CWEs

cvelogic Threat Intelligence