CVE-2025-12428

Published Nov 10, 2025

Last updated 13 days ago

CVSS high 8.8

Overview

Description
Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)
Source
chrome-cve-admin@google.com
NVD status
Analyzed
Products
chrome

Risk scores

CVSS 3.1

Type
Secondary
Base score
8.8
Impact score
5.9
Exploitability score
2.8
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Severity
HIGH

Weaknesses

chrome-cve-admin@google.com
CWE-843

Social media

Hype score
Not currently trending

  1. (CVE-2025-12428)[$50000][447613211][wasm-custom-desc]Type Confusion https://t.co/gEqIj2y8Fw https://t.co/wxbvsH9nY3 PoC: ./d8 --experimental-wasm-custom-descriptors https://t.co/iLRwACInMx Reported by Man Yue Mo(@mmolgtm)

    @xvonfers

    14 Nov 2025

    1711 Impressions

    1 Retweet

    27 Likes

    16 Bookmarks

    0 Replies

    0 Quotes

  2. CVE-2025-12428 Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security sev… https://t.co/G9puhldRqU

    @CVEnew

    10 Nov 2025

    240 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. 🔐 CRITICAL UPDATE: #Fedora 43 Chromium patch FEDORA-2025-31f0d8bfa9 is out. Fixes multiple High-severity V8 vulnerabilities (CVE-2025-12428 et al.)—remote code execution risks. Read more: 👉 https://t.co/wVoeCKVo4N #Security https://t.co/bKsOd7

    @Cezar_H_Linux

    5 Nov 2025

    12 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

Configurations

References

Sources include official advisories and independent security research.