Description
Type confusion in V8 in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CISA Known Exploited Vulnerability
Date added 2025-09-23 | Due date 2025-10-14
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Problem types
Product status
References
chromereleases.googleblog.com/...-update-for-desktop_17.html
issues.chromium.org/issues/445380761
