AI description
CVE-2025-5419 is an out-of-bounds read and write vulnerability found in the V8 JavaScript and WebAssembly engine of Google Chrome. Specifically, it affects Google Chrome versions prior to 137.0.7151.68. According to the NIST's National Vulnerability Database (NVD), this vulnerability could allow a remote attacker to potentially exploit heap corruption through a crafted HTML page. The vulnerability was reported to Google on May 27, 2025, by Clement Lecigne and Benoît Sevens of Google's Threat Analysis Group (TAG). Google has confirmed that an exploit for CVE-2025-5419 exists in the wild and has released a security update to address the issue. A configuration change was pushed to the Stable version of Chrome across all platforms on May 28, 2025, to mitigate the bug.
- Description
- Out of bounds read and write in V8 in Google Chrome prior to 137.0.7151.68 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
- Source
- chrome-cve-admin@google.com
- NVD status
- Analyzed
CVSS 3.1
- Type
- Secondary
- Base score
- 8.8
- Impact score
- 5.9
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
- Severity
- HIGH
Data from CISA
- Vulnerability name
- Google Chromium V8 Out-of-Bounds Read and Write Vulnerability
- Exploit added on
- Jun 5, 2025
- Exploit action due
- Jun 26, 2025
- Required action
- Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-125
- Hype score
- Not currently trending
#infosec #hacking #CSO #cybersecurity #pentesting #informationsecurity #redteam #DataSecurity #CyberSec #HackerNews Google chrome V8 JavaScript引擎越界读写漏洞(CVE-2025-5419) https://t.co/h3g4LjfGVZ https://t.co/MHbLMDeECn
@cncsocom
13 Jun 2025
21 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-5419
@transilienceai
10 Jun 2025
17 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
🔴 Google Chrome Zero-Day Under Active Exploitation! Google has issued an urgent security patch for CVE-2025-5419, a critical flaw (CVSS 8.8) in the V8 JavaScript engine. This vulnerability, already exploited in the wild, allows attackers to corrupt memory via a crafted HTML h
@_viepaix
10 Jun 2025
104 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-5419
@transilienceai
10 Jun 2025
26 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
A new Chrome zero-day is being actively exploited; Google has released an out-of-band emergency patch to address the vulnerability CVE-2025-5419, which carries a CVSS score of 8.8. https://t.co/nH4CrcMCOW #UrgentUpdate https://t.co/quqMq1C6wa
@JadenJohnsNews
9 Jun 2025
34 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Chrome Zero-Day Alert (CVE-2025-5419) 🚨 A critical V8 engine flaw is being actively exploited in the wild, allowing remote code execution via malicious sites. 🔴 Severity: High (CVSS 8.8) ⚠️ Impact: Full browser compromise possible ✅ Fix: Update Chrome
@ZBounty18591
9 Jun 2025
9 Impressions
0 Retweets
2 Likes
0 Bookmarks
1 Reply
0 Quotes
🚨 Google confirms exploit for CVE-2025-5419 (V8 out-of-bounds read/write) in the wild. Chrome Stable updated to 137.0.7151.68/.69 with fix. Update now https://t.co/R7DCA68xBg
@andy_empirical
9 Jun 2025
22 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
RE: CVE-2025-5419 - vuln allows you to read uninitialized memory by removing an initializing store.
@mistymntncop
9 Jun 2025
2796 Impressions
1 Retweet
21 Likes
6 Bookmarks
0 Replies
1 Quote
👏 AdsPower Now Supports Chrome 137 Kernel! This update also optimizes the V8 engine for faster response times and enhanced stability, while patching critical vulnerabilities (e.g., CVE-2025-5419) recently fixed by Chrome. How to upgrade❓ 1. Open AdsPower 2. Go to Profiles &
@AdsPowerBrowser
9 Jun 2025
128 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔒 Masz Chrome? Kliknij “Zaktualizuj” i zrestartuj – Google załatał groźną lukę CVE-2025-5419 już wykorzystywaną przez hakerów. 60 sekund i po stresie. #BezpiecznaFirma #SME #cyberbezpieczenstwo https://t.co/qUAltzYacA
@PointZeroPL
9 Jun 2025
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🆕 #AdsPower 現已支持 Chrome 137 內核! 爲提供更安全、流暢的使用體驗,我們已完成瀏覽器內核昇級,現全麵支持 Chrome 137。 本次更新同步優化了 V8 引擎,響應更快,穩定性更強,同時也覆蓋了近期 Chrome 官方修
@adspowercn
9 Jun 2025
470 Impressions
2 Retweets
3 Likes
1 Bookmark
0 Replies
0 Quotes
Chrome緊急修正: V8エンジンのゼロデイ脆弱性CVE-2025-5419が悪用中、今すぐアップデートを https://t.co/7O40inWPs5 Chromeユーザーは、ブラウザが最新版(Windows/Mac: 137.0.7151.68/.69、Linux: 137.0.7151.68)になっているか確認し
@innovaTopia_JP
8 Jun 2025
124 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes
Chrome緊急修正: V8エンジンのゼロデイ脆弱性CVE-2025-5419が悪用中、今すぐアップデートを https://t.co/0r9NjDeIUl
@pen_senpai
8 Jun 2025
43 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-5419
@transilienceai
8 Jun 2025
29 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
CVE-2025-5419 (CVSS:8.8, HIGH) is Analyzed. Out of bounds read and write in V8 in Google Chrome prior to 137.0.7151.68 allowed a remote attacker to potentially expl..https://t.co/p8xXDrZLue #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
@cracbot
8 Jun 2025
29 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
今週、Chrome(クローム)ブラウザーに関する警告が再び報じられている。グーグルは攻撃が進行中であることを認め、約30 億人のユーザーに緊急アップデートを配信した(「CVE-2025-5419:深刻度 High」への対
@acchonvurike
8 Jun 2025
33 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
今週、Chrome(クローム)ブラウザーに関する警告が再び報じられている。グーグルは攻撃が進行中であることを認め、約30 億人のユーザーに緊急アップデートを配信した(「CVE-2025-5419:深 ソース: Yahoo!ニュ
@nyaoki3396
7 Jun 2025
3 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-5419
@transilienceai
7 Jun 2025
24 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Google Chromium V8, Exécution de code arbitraire, atteinte à la confidentialité et à l’intégrité du système. 🛡️ Alerte CISA : Exploitation active de la vulnérabilité CVE-2025-5419 affectant le noyau Chromium V8. https://t.co/8yhtDvg14t
@NicolasCoolman
7 Jun 2025
28 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-5419
@transilienceai
7 Jun 2025
19 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
🚨Update Chrome ASAP! Google patched a critical vulnerability (CVE-2025-5419) actively exploited in the wild. Protect your data by going to **Settings > About Chrome** & relaunching after the update. Stay safe online! #CyberSecurity #ChromeUpdate #TechNews https://t.co/2
@Empist
6 Jun 2025
32 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨 Zero-day alert! Google Chrome's CVE-2025-5419 is under active attack. Update ASAP to v137.0.7151.68+ to patch memory corruption exploit via malicious HTML. Share this crucial info! 🛡️ #Cybersecurity #ZeroDay #Chrome https://t.co/1nKJbyFwt8
@fernandokarl
6 Jun 2025
52 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Content: Google Fixes Chrome Zero-Day with In-The-Wild Exploit (CVE-2025-5419) In a recent development, Google has mitigated two serious vulnerabil https://t.co/O5UHagHi1m https://t.co/pswoqHrnZv
@AegisLens
6 Jun 2025
25 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨Google opravuje již třetí zero-day zranitelnost tento rok. Zranitelnost CVE-2025-5419 (CVSS skóre 8.8) v prohlížeči Google Chrome je podle společnosti hojně zneužívána. Chyba je způsobena out-of-bounds čtením a zápisem v prohlížečovém V8 JavaScript enginu
@AlefSecurity
6 Jun 2025
83 Impressions
0 Retweets
1 Like
0 Bookmarks
1 Reply
0 Quotes
🔴🚨 جوجل تطلق تحديث طارئ لمتصفح كروم عشان تحمي 3 مليار مستخدم! 🚀 جوجل اكتشفت ثغرة خطيرة (CVE-2025-5419) ممكن يستغلها المهاجمين للهجوم على الأجهزة عن بعد. التحد
@TekTrndz
6 Jun 2025
51 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Security Alert A Chrome zero-day vulnerability (CVE-2025-5419) is actively being exploited via malicious web pages. For your safety and to protect your assets, please update your browser immediately to: Chrome 137.0.7151.68/.69 (Windows/macOS) Chrome
@Cascade1679624
6 Jun 2025
20 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-5419
@transilienceai
6 Jun 2025
50 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
🛡️ We added Google Chromium V8 out-of-bounds read and write vulnerability CVE-2025-5419 to our Known Exploited Vulnerabilities Catalog. Visit https://t.co/myxOwap1Tf & apply mitigations to protect your org from cyberattacks. https://t.co/1xiWOtty4r
@CISACyber
5 Jun 2025
6197 Impressions
17 Retweets
52 Likes
9 Bookmarks
4 Replies
2 Quotes
🔴 #Google #Chrome, Heap Corruption, #CVE-2025-5419 (High) https://t.co/EIEK3cacdb
@dailycve
5 Jun 2025
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Google fixed the second actively exploited Chrome zero-day since the start of the year Google patches third Chrome zero-day vulnerability this year, CVE-2025-5419, actively exploited in the wild. Experts urge immediate updates to mitig... Read more: https://t.co/h2sgypiBPh http
@dailynews_ai_25
5 Jun 2025
45 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Important security update: @opera, @operagxofficial, Opera Air, and Opera for Android have received a security fix for the latest zero-day vulnerability in Chromium: CVE-2025-5419 Update now to the latest versions: - Opera version 119.0.5497.70 - Opera GX version 119.0.5497.68 -
@Opera_Security
5 Jun 2025
91 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
📢 GÜVENLİK DUYURUSU – Google Chrome Kritik Sıfır-Gün Açığı (CVE-2025-5419) Google, tarayıcısındaki “V8” JavaScript motorunda aktive olarak istismar edilen bir “out-of-bounds read/write” zafiyetini (CVE-2025-5419) kapatmak için acil bir güncelleme yayı
@GMDestekMerkezi
5 Jun 2025
42 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-5419
@transilienceai
5 Jun 2025
33 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
停下手头的所有任务,马上更新浏览器 旧版Chrome已爆出严重漏洞: CVE-2025-5419,可被黑客远程执行任意代码,已有攻击案例! 💡更新方法:点击右上角【…】 > 设置 > 关于 Chrome > 自动更新 最新版本:
@xiaxiaoyubing
5 Jun 2025
475 Impressions
0 Retweets
2 Likes
2 Bookmarks
0 Replies
0 Quotes
Google Chrome Zero-Day Alert: Understanding & Mitigating CVE-2025-5419 Introduction: Urgent Alert on Actively Exploited Chrome Zero-Day Google has issued an emergency, out-of-band security update for its widely used Chrome browser to address a critical zero-day vulnerability,
@Hamaaadite
4 Jun 2025
141 Impressions
0 Retweets
8 Likes
0 Bookmarks
7 Replies
0 Quotes
🚨 Google just released a critical Chrome security update for a zero-day vulnerability (CVE-2025-5419). Your browser could be at risk if not updated. Protect your data—update now. 🔗 Read more: https://t.co/BuKrd58Ikk #CyberSecurity #ChromeUpdate #BusinessPCSupport https:
@BusPCsupport
4 Jun 2025
36 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Google Chrome に深刻度8.8のゼロデイ脆弱性が発見され、既に実際の攻撃で悪用されています CVE-2025-5419と名付けられたこの脆弱性は、ChromeのV8 JavaScriptエンジンを標的とし、境界外読み取り・書き込みの欠陥
@TechTrendsJP
4 Jun 2025
101 Impressions
0 Retweets
0 Likes
1 Bookmark
0 Replies
0 Quotes
⚡️ 0-Day Alert - Google Chrome exploit in the wild CVE-2025-5419: Memory corruption in v8 Patched in Chrome Stable Channel 137.0.7151.68/.69 https://t.co/2ImEgB28So
@zerodaytraining
4 Jun 2025
9675 Impressions
15 Retweets
75 Likes
34 Bookmarks
1 Reply
1 Quote
Google Chrome-də kritik boşluq (CVE-2025-5419) aşkar olunub. #ETX #certaz #cybersecurity #kibertəhlükəsizlik #xəbərdarlıq https://t.co/XMoeChoco0
@CERTAzerbaijan
4 Jun 2025
50 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Google fixes Chrome zero-day with in-the-wild exploit (CVE-2025-5419) https://t.co/rkJG2e9EO9 #HelpNetSecurity #Cybersecurity https://t.co/yrzmS966vs
@PoseidonTPA
4 Jun 2025
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#Google fixes #Chrome zero-day with in-the-wild exploit (CVE-2025-5419) https://t.co/6IixMCxfSn https://t.co/UCKRjrBod2
@evanderburg
4 Jun 2025
91 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Chrome 爆出严重漏洞(CVE-2025-5419) 黑客可远程执行任意代码,已有实际攻击发生! 📉 使用旧版 Chrome 可能会暴露钱包资产风险 🔄 请立即更新至 v137.0.7151.68/69 路径:Chrome右上角【…】> 设置 > 关于 Chrome &
@yichen1806
4 Jun 2025
145 Impressions
0 Retweets
4 Likes
0 Bookmarks
2 Replies
0 Quotes
Chrome 的沙箱机制通常能隔离恶意代码,但 CVE-2025-5419 允许攻击者绕过这一防护,直接在设备上执行代码,设备感染可能导致你的钱包资产瞬间清零 大家记得将你的Google Chrome谷歌浏览器更新到最新版 v137.0.7151.68/69
@pipizhu_eth
4 Jun 2025
11419 Impressions
2 Retweets
65 Likes
4 Bookmarks
6 Replies
0 Quotes
MooWu: Google Chrome Has Released an Emergency Patch to Fix a Critical Zero-Day Vulnerability (CVE-2025-5419) Explore more key information on #SoSoValue: https://t.co/xZIXWfrQRv via @sosovaluecrypto
@alok05270
4 Jun 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨SlowMist Security Alert🚨 @googlechrome has released an emergency patch for a high-severity zero-day vulnerability (CVE-2025-5419) actively exploited in the wild. The flaw, found in the V8 JavaScript engine, allows remote attackers to corrupt memory via crafted HTML pages.
@SlowMist_Team
4 Jun 2025
5765 Impressions
13 Retweets
48 Likes
9 Bookmarks
5 Replies
3 Quotes
🚨 Chrome Zero-Day Alert — CVE-2025-5419 Actively Exploited 🚨 Google just released an emergency patch for a high-severity flaw in the Chrome browser. Here's what you need to know 🧵👇
@cybrhoodsentinl
4 Jun 2025
58 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
CVE-2025-5419 Update your chromium browser ASAP https://t.co/ZD831PQpwf #cve #chrome
@thesuhu
4 Jun 2025
34 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
गूगल ने क्रोम ब्राउजर के यूज़र्स के लिए साइबर हमले की चेतावनी जारी की है। कंपनी ने CVE-2025-5419 नामक तकनीकी खामी की
@sanewshimachal
4 Jun 2025
144 Impressions
35 Retweets
39 Likes
0 Bookmarks
0 Replies
0 Quotes
Google Chrome、定例アップデートで危険性の高い脆弱性を修正(CVE-2025-5419) #セキュリティ対策Lab #セキュリティ #Security https://t.co/GGkpFSNYTb
@securityLab_jp
3 Jun 2025
107 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔥 تاني Zero-Day في كروم من بداية السنة؟! جوجل بتصدر تحديثات عاجلة وسريعة علشان تسد 3 ثغرات في متصفح كروم، من ضمنهم واحدة خطيرة جدًا تم استغلالها فعليًا في هجم
@hiddenlockT
3 Jun 2025
359 Impressions
0 Retweets
2 Likes
1 Bookmark
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "31E19D83-F49F-4B1B-8E53-D790037695D3",
"versionEndExcluding": "137.0.7151.68"
}
],
"operator": "OR"
}
]
}
]