AI description
CVE-2025-10891 is an integer overflow vulnerability found in the V8 JavaScript engine, which is a core component of Google Chrome and other Chromium-based web browsers. This flaw occurs when arithmetic operations on user-provided input surpass the maximum value an integer type can hold, leading to calculations that "wrap around" and produce incorrect values. This vulnerability can result in heap corruption and potentially allow a remote attacker to execute arbitrary code by enticing a user to visit a specially crafted HTML page. The issue was addressed in Google Chrome version 140.0.7339.207.
- Description
- Integer overflow in V8 in Google Chrome prior to 140.0.7339.207 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
- Source
- chrome-cve-admin@google.com
- NVD status
- Analyzed
- Products
- chrome
CVSS 3.1
- Type
- Secondary
- Base score
- 8.8
- Impact score
- 5.9
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
- Severity
- HIGH
- chrome-cve-admin@google.com
- CWE-472
- Hype score
- Not currently trending
⚠️ Vulnerabilidades en productos Google ❗ CVE-2025-10892 ❗ CVE-2025-10891 ❗ CVE-2025-10890 ➡️ Más info: https://t.co/RHQAELJgIt https://t.co/7Ksuz7uMHi
@CERTpy
9 Mar 2026
236 Impressions
1 Retweet
5 Likes
1 Bookmark
0 Replies
0 Quotes
Top 5 Trending CVEs: 1 - CVE-2025-27363 2 - CVE-2026-21509 3 - CVE-2026-25253 4 - CVE-2025-10891 5 - CVE-2025-64328 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W
@CVEShield
2 Mar 2026
157 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Here is my CVE-2025-10891 Chromium RCE PoC: https://t.co/jqrevQ9Ca4 https://t.co/NtAfSeQtFj
@m411k_
1 Mar 2026
23052 Impressions
93 Retweets
482 Likes
240 Bookmarks
6 Replies
2 Quotes
⚠️Vulnerabilidades en productos Google Chrome ❗CVE-2025-10890 ❗CVE-2025-10891 ❗CVE-2025-10892 ➡️Más info: https://t.co/yyPyKTfjHK https://t.co/I4ThIO9JKr
@CERTpy
30 Sept 2025
98 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-10891 & CVE-2025-10892 by Google Big Sleep. How are you finding bugs? Google: We use AI Me: I’m fuzzing what the AI missed. You: ? https://t.co/P4mQYbtEfS
@0xi6r
26 Sept 2025
21 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
(CVE-2025-10891)[443765373][ignition]Integer Overflow https://t.co/NIGVYJcRT5 https://t.co/ofvwHiSQrd Reported by Google Big Sleep
@xvonfers
25 Sept 2025
1064 Impressions
3 Retweets
15 Likes
12 Bookmarks
0 Replies
0 Quotes
CVE-2025-10891 Integer overflow in V8 in Google Chrome prior to 140.0.7339.207 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium se… https://t.co/SD456Ao1TY
@CVEnew
24 Sept 2025
106 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3D069E2A-50D9-4C05-9331-42D8534136B2",
"versionEndExcluding": "140.0.7339.207",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
]