Home

Description

Out of bounds read and write in V8 in Google Chrome prior to 137.0.7151.68 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

PUBLISHED Reserved 2025-06-01 | Published 2025-06-02 | Updated 2025-10-21 | Assigner Chrome

CISA Known Exploited Vulnerability

Date added 2025-06-05 | Due date 2025-06-26

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Problem types

Out of bounds read and write

Product status

137.0.7151.68 (custom) before 137.0.7151.68
affected

References

www.cisa.gov/...nerabilities-catalog?field_cve=CVE-2025-5419 government-resource

msrc.microsoft.com/update-guide/vulnerability/CVE-2025-5419

chromereleases.googleblog.com/...nel-update-for-desktop.html

issues.chromium.org/issues/420636529

cve.org (CVE-2025-5419)

nvd.nist.gov (CVE-2025-5419)