cve 2026 3931

CVE-2026-3931 is a heap buffer overflow vulnerability in the Skia 2D graphics library, assigned by the Chromium project. Google addressed it in Chrome 146 stable updates, specifically version 146.0.7680.71. Microsoft subsequently recorded the issue in its Security Update Guide to inform Microsoft Edge customers that the downstream Edge builds have incorporated the upstream Chromium fix. This tag covers discussions about how the Chrome patch reaches Edge via the shared Chromium codebase, including the vulnerability's impact, patching timeline, and the coordination between Google and Microsoft for security updates.