CVE-2025-10585
Published Sep 24, 2025
Last updated a month ago
AI description
CVE-2025-10585 is a type confusion vulnerability in the V8 JavaScript engine of Google Chrome. This flaw can be exploited by attackers to cause unexpected software behavior, potentially leading to arbitrary code execution or program crashes. The vulnerability can be triggered when a program allocates a resource using one type but later accesses it with an incompatible type. To exploit this, an attacker could trick a user into visiting a specially crafted website containing malicious JavaScript code. Google's Threat Analysis Group discovered and reported the vulnerability on September 16, 2025, and confirmed that it was being actively exploited in the wild.
- Description
- Type confusion in V8 in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
- Source
- chrome-cve-admin@google.com
- NVD status
- Analyzed
- Products
- chrome
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
Data from CISA
- Vulnerability name
- Google Chromium V8 Type Confusion Vulnerability
- Exploit added on
- Sep 23, 2025
- Exploit action due
- Oct 14, 2025
- Required action
- Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Hype score
- Not currently trending
تحديث أمني عاجل لمتصفح Google Chrome أعلنت جوجل عن إصدار تحديث جديد لمتصفح كروم (الإصدار 140.0.7339.185/.186) على أنظمة ويندوز، ماك، ولينكس. هذا التحديث يعالج عدة ثغرات أ
@SarySqwr75307
18 Nov 2025
39 Impressions
0 Retweets
1 Like
0 Bookmarks
1 Reply
0 Quotes
🚨ALERTA | CompuNet SOC (06/11/25): CVE-2025-20333 y CVE-2025-20362 en Cisco Unified CCX — actualizar a 12.5 SU3 ES07 o 15.0 ES01. Exploit activo en Chrome CVE-2025-10585 → Chrome 140.0.7339.185+. Revise logs. Más: https://t.co/YtfhaqeN3L #Ciberseguridad https://t.co/J8cp7
@CompunetChile
7 Nov 2025
43 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#VulnerabilityReport #CISA CISA adds Chrome zero-day CVE-2025-10585 to KEV after public exploit appears https://t.co/ZE1ByZopNW
@Komodosec
31 Oct 2025
31 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
#VulnerabilityReport #CVE202510585 Chrome Emergency Update: Zero-Day (CVE-2025-10585) in V8 Exploited in the Wild https://t.co/ZC5XtHS9YC
@Komodosec
25 Oct 2025
12 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
https://t.co/6uNqMoi2Ae 🚨 Chrome Zero-Day (CVE-2025-10585) is under active exploitation. Just visiting a simple website can let attackers run code on your system. Affected Versions: Chrome < 140.0.7339.185 (Windows/Mac) Chrome < 140.0.7339.185 (Linux) …and any Chrom
@ManMotasem
19 Oct 2025
65 Impressions
0 Retweets
0 Likes
1 Bookmark
0 Replies
0 Quotes
🚨 Hackers can drain your crypto just by you visiting the wrong site. A new Chrome zero-day (CVE-2025-10585) you should be aware of: • Update Chrome/Edge/Opera NOW + relaunch • Split browsing + use a hardware wallet • Revoke old approvals, enable 2FA/passkeys https://t.
@CCNDotComNews
10 Oct 2025
561 Impressions
0 Retweets
1 Like
0 Bookmarks
2 Replies
0 Quotes
Cyber threats keep evolving rapidly with high-impact ransomware, supply chain attacks, espionage, and large-scale scams surfacing in the last hour. Here’s the quick lowdown on what matters most now: 🛡️ Google patched a sixth actively exploited Chrome zero-day (CVE-2025-10
@np_cyber_news
2 Oct 2025
3 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 ثغرة Zero-Day جديدة في Google Chrome تم استغلالها فعليًا في هجمات سيبرانية مؤخرًا. 🔹بتاريخ 17 سبتمبر 2025 أصدرت Google تحديث عاجل للإصدار 140.0.7339.185/.186 لمعالجة ثغرة خطي
@abdul__alamri
29 Sept 2025
9653 Impressions
6 Retweets
96 Likes
70 Bookmarks
2 Replies
0 Quotes
🚨 Google Chrome Zero-Day CVE-2025-10585 Exploitation Advisory [High] Sep 29, 2025 Checkout our Threat Intelligence Platform: https://t.co/QuwNtEgYh1 #ThreatIntelligence #CyberSecurity #CyberThreats #CyberAttack #CyberSecurityNews #CyberSecurityAlert https://t.co/BueeTIlSOf
@transilienceai
29 Sept 2025
90 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Google Patches Chrome Zero-Day CVE-2025-10585 as Active V8 Exploit Threatens Millions Google on Wednesday released security upd 𝗝𝗼𝗶𝗻 𝗼𝘂𝗿 𝗧𝘄𝗶𝘁𝘁𝗲𝗿 𝗳𝗮𝗺𝗶𝗹𝘆. 𝗙𝗼𝗹𝗹𝗼𝘄 𝘂𝘀! @thehackersnews @edgeitech @edg
@Edgeitech
26 Sept 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔒 Новая угроза для пользователей Chrome: уязвимость CVE-2025-10585, о которой стало известно, уже эксплуатируется. Google выпустила обновление для устранения пробл
@cybereye_ru
26 Sept 2025
28 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
أصدرت جوجل تحديث أمان لقناة كروم الثابتة لإصلاح ثغرة يوم الصفر (CVE-2025-10585) التي تم الإبلاغ عنها هذا الأسبوع. الثغرة تتعلق بمشكلة في محرك V8 المستخدم في JavaScript
@Cybereayn
26 Sept 2025
26 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-10585
@transilienceai
26 Sept 2025
27 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
⚠️Chromeにゼロデイ脆弱性あり⚠️ いずれも危険度「High」、既に攻撃例が報告されているようですので早急のアップデートがおすすめです。 CVE-2025-10585:Type Confusion in V8(High) CVE-2025-10500:Use after free in D
@HiromiOgura_
26 Sept 2025
1226 Impressions
5 Retweets
26 Likes
0 Bookmarks
0 Replies
0 Quotes
CISAがGoogle Chromeのゼロデイ 脆弱性 CVE-2025-10585をKEVに追加-実運用で悪用確認 優先パッチ適用を勧告 https://t.co/pKFdvX4N3q #セキュリティ対策Lab #セキュリティ #Security
@securityLab_jp
25 Sept 2025
72 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CISA wydała pilne ostrzeżenie dotyczące luki 0-day w Google Chrome (CVE-2025-10585), która już jest aktywnie wykorzystywana przez cyberprzestępców. Podatność pozwala na zdalne wykonanie kodu. #CyberSecurity #GoogleChrome #ZeroDay #CVE2025 #CISA #ITSecurity #BrowserSecur
@_CoffeeBits_
25 Sept 2025
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ Cyber Threat Digest – 2025-09-25 KEV: CVE-2025-10585 — Google Chromium V8 Type NVD: CVE-2025-23248 — NVIDIA CUDA Toolkit for News: Teen suspected of Vegas casino cyberattacks… #cybersecurity #infosec #CVE More: https://t.co/J1fpKfnDnv
@dpharristech
25 Sept 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-10585
@transilienceai
25 Sept 2025
45 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
CVE-2025-10585 Type confusion in V8 in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium secu… https://t.co/CT6O8az8fh
@CVEnew
24 Sept 2025
121 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Google has urged all Chrome users to immediately update their browsers after discovering a critical vulnerability that could allow hackers to gain control of their computers. The vulnerability, tracked as CVE-2025-10585, has a severity rating of 9.8 out of 10. The flaw was
@EvenCryptoBull
24 Sept 2025
66 Impressions
0 Retweets
1 Like
0 Bookmarks
1 Reply
0 Quotes
🛡️ Cyber Threat Digest – 2025-09-24 KEV: CVE-2025-10585 — Google Chromium V8 Type NVD: CVE-2017-20200 — vulnerability has been found News: UK arrests suspect for RTX ransomware… #cybersecurity #infosec #CVE More: https://t.co/J1fpKfnDnv
@dpharristech
24 Sept 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
RT @BangkokPostNews: Google has urged all Chrome users to immediately update their browsers after the discovery of a critical security flaw that could allow hackers to take control of a computer. The vulnerability, tracked as CVE-2025-10585, carries a se… https://t.co/khRkmQCg9
@PopeKael
24 Sept 2025
41 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
FYI a serious security hole (CVE-2025-10585) was found in Google Chrome and other browsers. Hackers are already using it. Just visiting a web page could let someone run harmful software on your computer. If you use Chrome, Brave, Edge, Opera update your browser today
@gingikon
24 Sept 2025
50 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
FYI a serious security hole (CVE-2025-10585) was found in Google Chrome and other browsers. Hackers are already using it. Why? just visiting a web page could let someone run harmful software on your computer. If you use Chrome, Brave, Edge, Opera, , update your browser today
@cryptoging
24 Sept 2025
52 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
1 Quote
Google is strongly advising all Chrome users to promptly update their browsers following the identification of a critical security vulnerability that could permit hackers to seize control of a computer. This flaw, designated as CVE-2025-10585, has been assigned a severity rating
@PersonalThai
24 Sept 2025
205 Impressions
0 Retweets
3 Likes
1 Bookmark
2 Replies
0 Quotes
Google has urged all Chrome users to immediately update their browsers after the discovery of a critical security flaw that could allow hackers to take control of a computer. The vulnerability, tracked as CVE-2025-10585, carries a severity rating of 9.8 out of 10. Listen to the
@BangkokPostNews
24 Sept 2025
2877 Impressions
0 Retweets
2 Likes
1 Bookmark
1 Reply
2 Quotes
🔍 𝐂𝐈𝐒𝐀 𝐚𝐝𝐝𝐬 𝐂𝐡𝐫𝐨𝐦𝐞 𝐳𝐞𝐫𝐨-𝐝𝐚𝐲 𝐂𝐕𝐄-𝟐𝟎𝟐𝟓-𝟏𝟎𝟓𝟖𝟓 𝐭𝐨 𝐊𝐄𝐕 𝐚𝐟𝐭𝐞𝐫 𝐩𝐮𝐛𝐥𝐢𝐜 𝐞𝐱𝐩𝐥𝐨𝐢𝐭 𝐚𝐩𝐩𝐞𝐚𝐫𝐬 • CVE
@PurpleOps_io
24 Sept 2025
85 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
URGENT: A new Chrome zero-day (CVE-2025-10585) is being actively exploited in the wild. If you haven't updated your browser, your data is at risk. Read the full report: https://t.co/s0M0pUK1Qs https://t.co/DogJV2p0jB
@Iambivash007
24 Sept 2025
13 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CISA、既知の悪用された脆弱性を1件カタログに追加 CISA Adds One Known Exploited Vulnerability to Catalog #CISA (Sep 23) CVE-2025-10585 Google Chromium V8 の型混乱の脆弱性 https://t.co/JJX9a64u8s
@foxbook
23 Sept 2025
283 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🛡️We added Google Chrome V8 type confusion vulnerability CVE-2025-10585 to our Known Exploited Vulnerabilities Catalog. Visit https://t.co/myxOwap1Tf & apply mitigations to protect your org from cyberattacks. #Cybersecurity #InfoSec https://t.co/geUKvI1ioC
@CISACyber
23 Sept 2025
7659 Impressions
27 Retweets
63 Likes
7 Bookmarks
2 Replies
0 Quotes
Google patches critical Chrome flaw (CVE-2025-10585) in V8 engine—its 6th active zero-day of 2025. Urgent updates needed for billions of users. #Google #Chrome #ZeroDay #CybersecurityNews https://t.co/eXCZc8NPCD
@DailyDataDosee
23 Sept 2025
62 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨🚨🚨 An actively exploited vulnerability in Chrome's V8 JavaScript engine has been patched. It's the sixth actively exploited Chrome zero-day patched by Google in 2025: CVE-2025-10585. https://t.co/K2OkwtrweV
@IntCyberDigest
23 Sept 2025
3821 Impressions
9 Retweets
47 Likes
7 Bookmarks
3 Replies
2 Quotes
جوجل تُصدر تحديثًا أمنيًا عاجلًا لسد ثغـ ـرة يوم الصفر CVE-2025-10585 في متصفح كروم التفاصيل .. https://t.co/Mc523PJO5e #مركز_الأمن_السيبراني_للابحاث_والدراسات https://t.co/0vY68M1pY
@ccforrs
23 Sept 2025
56 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Urgent! Google patches a dangerous Chrome zero-day (CVE-2025-10585) with an active V8 exploit threatening millions. Ensure your browser is updated NOW! #Chrome #CyberSecurity https://t.co/7xwPLECB7p
@xcybersecnews
23 Sept 2025
60 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🌐 📱 Google'dan dört güvenlik güncellemesi❗ 🔐 Bunlardan biri, V8 JavaScript ve WebAssembly motorundaki bir karışıklık nedeniyle sıfır gün açığına yol açan CVE-2025-10585. 🔻Google, bu açığın gerçek hayatta istismar edildiğini ancak detaylı bil
@Siberatayresmi
23 Sept 2025
50 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️Update Chrome as soon as possible⚠️ ➖️ According to recent reports, Google has identified and fixed a zero-day vulnerability in Chrome, registered as CVE-2025-10585, which affects the V8 JavaScript and WebAssembly engine. This flaw is of the "type confusion" type a
@DarrellMaicon
23 Sept 2025
189 Impressions
0 Retweets
3 Likes
0 Bookmarks
1 Reply
0 Quotes
CVE-2025-10585 in Chrome's V8 engine actively exploited in the wild and crypto users need to understand this isn't just another browser vulnerability - this could drain cryptocurrency wallets by allowing arbitrary code execution that exposes private keys. Google's Threat https:/
@hypenlabs_
23 Sept 2025
93 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
1 Quote
🚨 #AlertaDeSeguridad | Vulnerabilidad crítica en Google Chrome (CVE-2025-10585). ➡️ Exploit activo con riesgo de ejecución remota de código. 🔒 Actualiza YA: Win/macOS 👉 140.0.7339.185/.186 Linux 👉 140.0.7339.185 #Ciberseguridad #CompuNet https://t.co/By2okF20VS
@CompunetChile
22 Sept 2025
101 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨 Chrome 0-Day CVE-2025-10585 (CVSS 8.8) explotado activamente. Afecta Chrome <140.0.7339.185 y otros (Edge, Brave, Opera). ⚠️Riesgo: RCE, robo de datos y malware. ✅Actualiza YA. 🔗 https://t.co/6gsdXxqvoV https://t.co/hmC9uCvyLA
@CsirtCnt
22 Sept 2025
73 Impressions
2 Retweets
9 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Chrome Type Confusion 0-Day Vulnerability Code Analysis Released Read more: https://t.co/kpepf1HvW3 Google Chrome’s V8 JavaScript engine has been compromised by a critical type confusion zero-day vulnerability, designated CVE-2025-10585, marking the sixth actively explo
@The_Cyber_News
22 Sept 2025
1637 Impressions
8 Retweets
31 Likes
10 Bookmarks
0 Replies
1 Quote
A new report details a zero-day vulnerability (CVE-2025-10585) in Chrome's V8 engine. Learn about the type confusion flaw and its implications. 🔗 https://t.co/GFSDSuZ2ZP https://t.co/lCLuVsUBXs
@Iambivash007
22 Sept 2025
9 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-10585 Chome V8 type confusion 0day analysis by @NullSecurityX https://t.co/WmLQxKa3S5
@dec_eax
22 Sept 2025
10256 Impressions
19 Retweets
105 Likes
44 Bookmarks
4 Replies
1 Quote
Chromium: CVE-2025-10585 Type Confusion in V8 https://t.co/ygMGOC0Tx7 This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://t.co/UjiS9AYOvz) for more information. Google
@zeeshankghouri
22 Sept 2025
43 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Chrome安定版にゼロデイ-V8の脆弱性(CVE-2025-10585)を悪用したサイバー攻撃を確認、今すぐ更新を https://t.co/7wVE7VRrGK #セキュリティ対策Lab #セキュリティ #Security
@securityLab_jp
22 Sept 2025
100 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Chrome安定版にゼロデイ-V8の型混同(CVE-2025-10585)を悪用したサイバー攻撃を確認、今すぐ更新を https://t.co/7wVE7VRrGK #セキュリティ対策Lab #セキュリティ #Security
@securityLab_jp
22 Sept 2025
25 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Google ha lanzado una actualización de seguridad urgente para su navegador Chrome después de descubrir un zero-day activo, identificado como CVE-2025-10585, el cual está siendo explotado en ataques reales. https://t.co/8ttDYaYq9F
@AineDanas
21 Sept 2025
48 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Update your browsers urgently, crypto is being stolen en masse! • Critical vulnerability in Chrome and Brave – update immediately • Bug CVE-2025-10585 has been discovered in the V8 (Chromium) engine, allowing hackers to remotely execute code and access your wallets and
@SmartM_Alex
21 Sept 2025
94 Impressions
0 Retweets
5 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️ Alerta de seguretat: Zero-day a Google Chrome Vulnerabilitat crítica CVE-2025-10585. 🔒 Actualitza immediatament Chrome a la darrera versió disponible. Més info al nostre SOC 👇 https://t.co/DardRkycnr #Ciberseguretat #ZeroDay #Chrome #InfordisaSOC
@Infordisa
21 Sept 2025
43 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Google fixes actively exploited Chrome zero-day vulnerability (CVE-2025-10585) https://t.co/ENFM7D4ZXz
@ManuelDantas
21 Sept 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Chrome Zero-Day Alert: CVE-2025-10585 in the V8 engine is under active attack. Update your browser NOW to stay safe. Read More: https://t.co/AXdL4prqEU #GoogleChrome #ZeroDay #CyberSecurity #CVE202510585 #Canada #CanadaCyberAwareness https://t.co/GJl7jH5zGY
@FindSecCyber
21 Sept 2025
62 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7857C78B-3F28-4180-AE76-ABF96A380265",
"versionEndExcluding": "140.0.7339.185"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
},
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]