Recently saw that chrome has a new CVE actively being exploited and Vanadium is still on the older version.
The Google CVE-2022-2856 vulnerability was fixed in Google Chrome 104.0.5112.101, released on Tuesday. While no information has been shared on how hackers exploited it in attacks, vulnerability researcher Hossein Lotfi discovered more details about the bug.
Google Chrome (In-The-Wild) Zero day (CVE-2022-2856) fix. If an intent contains any extras or a data URI and it targets another browser, Google Chrome would open that browser with that URL without prompting:https://t.co/iiDhLShhJv — Hossein Lotfi (@hosselot) August 18, 2022