CVE-2025-5419
Published Jun 3, 2025
Last updated a month ago
AI description
CVE-2025-5419 is an out-of-bounds read and write vulnerability found in the V8 JavaScript and WebAssembly engine of Google Chrome. Specifically, it affects Google Chrome versions prior to 137.0.7151.68. According to the NIST's National Vulnerability Database (NVD), this vulnerability could allow a remote attacker to potentially exploit heap corruption through a crafted HTML page. The vulnerability was reported to Google on May 27, 2025, by Clement Lecigne and Benoît Sevens of Google's Threat Analysis Group (TAG). Google has confirmed that an exploit for CVE-2025-5419 exists in the wild and has released a security update to address the issue. A configuration change was pushed to the Stable version of Chrome across all platforms on May 28, 2025, to mitigate the bug.
- Description
- Out of bounds read and write in V8 in Google Chrome prior to 137.0.7151.68 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
- Source
- chrome-cve-admin@google.com
- NVD status
- Analyzed
CVSS 3.1
- Type
- Secondary
- Base score
- 8.8
- Impact score
- 5.9
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
- Severity
- HIGH
Data from CISA
- Vulnerability name
- Google Chromium V8 Out-of-Bounds Read and Write Vulnerability
- Exploit added on
- Jun 5, 2025
- Exploit action due
- Jun 26, 2025
- Required action
- Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-125
- Hype score
- Not currently trending
CVE-2025-5419 no Chrome permitia drive-by downloads via type confusion no V8
@hashtagsec
12 Jul 2025
20 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#VulnerabilityReport #Browsers Chrome Zero-Day Alert: CVE-2025-5419 Actively Exploited in the Wild https://t.co/BUSd8v6Sjd
@Komodosec
10 Jul 2025
14 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-5419
@transilienceai
9 Jul 2025
34 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
No carrossel de updates também teve Chrome e Firefox fechando zero-days (CVE-2025-5419 e CVE-2025-4664)
@hashtagsec
7 Jul 2025
24 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-5419
@transilienceai
6 Jul 2025
34 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
CISA has issued an urgent warning about a critical zero-day vulnerability in Google Chrome’s V8 JavaScript engine (CVE-2025-5419), actively exploited to execute arbitrary code on victims’ systems. Users must update Chrome. https://t.co/g6MFmQul1L
@WalkureARCH
5 Jul 2025
21 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-5419
@transilienceai
4 Jul 2025
12 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2025-5419
@transilienceai
2 Jul 2025
21 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Google has released a security update for Chrome to address a zero-day vulnerability, CVE-2025-5419, which is reportedly being actively exploited. This vulnerability affects all Chrome versions prior to 137.0. Update Now.
@Chatelobenna
1 Jul 2025
73 Impressions
1 Retweet
2 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 ¡CVE-2025-5419 ya está parchada en V8! Si sigues sin reiniciar tu Chrome, estás jugando con fuego. ¿Vas a esperar al exploit o actualizarás ahora? 🔥🔄 #Ciberseguridad #ChromeUpdate #ZeroDay https://t.co/kWUrKn7a7r
@gorkaelbochi
29 Jun 2025
17 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-5419
@transilienceai
28 Jun 2025
9 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
1️⃣ Chrome zero-day (CVE-2025-5419) is being actively exploited right now. If your Chrome isn’t updated - you're vulnerable. 2️⃣ The flaw affects the V8 JavaScript engine - hackers can hijack your browser just by getting you to visit a malicious site. Google patched
@vpnunlimited
27 Jun 2025
137 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2025-5419
@transilienceai
24 Jun 2025
23 Impressions
0 Retweets
0 Likes
1 Bookmark
1 Reply
0 Quotes
CISA added a new actively exploited vulnerability—CVE-2025-5419, affecting Google Chromium V8—to its Known Exploited Vulnerabilities Catalog. This out-of-bounds read/write flaw is a frequent target for attackers and poses serious risks. #cybersecurity https://t.co/PcJagwktbj
@MainNerve
22 Jun 2025
33 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️ Urgent: Microsoft patches 66 flaws! CVE-2025-33053 (WebDAV) is exploited—clicking malicious links can hack your PC. 1️⃣Update Windows NOW to stay safe! Also, 2️⃣Update Edge/Chrome for CVE-2025-4664, CVE-2025-5419 fixes. #PatchTuesday #Cybersecurity https://t.c
@CyberWolfGuard
21 Jun 2025
31 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A zero-day vulnerability, codenamed CVE-2025-5419, has a CVSS Score of 8.8. The vulnerability resides in the V8 JavaScript Engine in Chrome web browser versions prior to 137.0.7151.68. Google recommends updating to patch the vulnerability as soon as possible.
@freedomhack101
13 Jun 2025
59 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
#infosec #hacking #CSO #cybersecurity #pentesting #informationsecurity #redteam #DataSecurity #CyberSec #HackerNews Google chrome V8 JavaScript引擎越界读写漏洞(CVE-2025-5419) https://t.co/h3g4LjfGVZ https://t.co/MHbLMDeECn
@cncsocom
13 Jun 2025
21 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-5419
@transilienceai
10 Jun 2025
17 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
🔴 Google Chrome Zero-Day Under Active Exploitation! Google has issued an urgent security patch for CVE-2025-5419, a critical flaw (CVSS 8.8) in the V8 JavaScript engine. This vulnerability, already exploited in the wild, allows attackers to corrupt memory via a crafted HTML h
@_viepaix
10 Jun 2025
104 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-5419
@transilienceai
10 Jun 2025
26 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
A new Chrome zero-day is being actively exploited; Google has released an out-of-band emergency patch to address the vulnerability CVE-2025-5419, which carries a CVSS score of 8.8. https://t.co/nH4CrcMCOW #UrgentUpdate https://t.co/quqMq1C6wa
@JadenJohnsNews
9 Jun 2025
34 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Chrome Zero-Day Alert (CVE-2025-5419) 🚨 A critical V8 engine flaw is being actively exploited in the wild, allowing remote code execution via malicious sites. 🔴 Severity: High (CVSS 8.8) ⚠️ Impact: Full browser compromise possible ✅ Fix: Update Chrome
@ZBounty18591
9 Jun 2025
9 Impressions
0 Retweets
2 Likes
0 Bookmarks
1 Reply
0 Quotes
🚨 Google confirms exploit for CVE-2025-5419 (V8 out-of-bounds read/write) in the wild. Chrome Stable updated to 137.0.7151.68/.69 with fix. Update now https://t.co/R7DCA68xBg
@andy_empirical
9 Jun 2025
22 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
RE: CVE-2025-5419 - vuln allows you to read uninitialized memory by removing an initializing store.
@mistymntncop
9 Jun 2025
2796 Impressions
1 Retweet
21 Likes
6 Bookmarks
0 Replies
1 Quote
👏 AdsPower Now Supports Chrome 137 Kernel! This update also optimizes the V8 engine for faster response times and enhanced stability, while patching critical vulnerabilities (e.g., CVE-2025-5419) recently fixed by Chrome. How to upgrade❓ 1. Open AdsPower 2. Go to Profiles &
@AdsPowerBrowser
9 Jun 2025
128 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔒 Masz Chrome? Kliknij “Zaktualizuj” i zrestartuj – Google załatał groźną lukę CVE-2025-5419 już wykorzystywaną przez hakerów. 60 sekund i po stresie. #BezpiecznaFirma #SME #cyberbezpieczenstwo https://t.co/qUAltzYacA
@PointZeroPL
9 Jun 2025
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🆕 #AdsPower 現已支持 Chrome 137 內核! 爲提供更安全、流暢的使用體驗,我們已完成瀏覽器內核昇級,現全麵支持 Chrome 137。 本次更新同步優化了 V8 引擎,響應更快,穩定性更強,同時也覆蓋了近期 Chrome 官方修
@adspowercn
9 Jun 2025
470 Impressions
2 Retweets
3 Likes
1 Bookmark
0 Replies
0 Quotes
Chrome緊急修正: V8エンジンのゼロデイ脆弱性CVE-2025-5419が悪用中、今すぐアップデートを https://t.co/7O40inWPs5 Chromeユーザーは、ブラウザが最新版(Windows/Mac: 137.0.7151.68/.69、Linux: 137.0.7151.68)になっているか確認し
@innovaTopia_JP
8 Jun 2025
124 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes
Chrome緊急修正: V8エンジンのゼロデイ脆弱性CVE-2025-5419が悪用中、今すぐアップデートを https://t.co/0r9NjDeIUl
@pen_senpai
8 Jun 2025
43 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-5419
@transilienceai
8 Jun 2025
29 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
CVE-2025-5419 (CVSS:8.8, HIGH) is Analyzed. Out of bounds read and write in V8 in Google Chrome prior to 137.0.7151.68 allowed a remote attacker to potentially expl..https://t.co/p8xXDrZLue #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
@cracbot
8 Jun 2025
29 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
今週、Chrome(クローム)ブラウザーに関する警告が再び報じられている。グーグルは攻撃が進行中であることを認め、約30 億人のユーザーに緊急アップデートを配信した(「CVE-2025-5419:深刻度 High」への対
@acchonvurike
8 Jun 2025
33 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
今週、Chrome(クローム)ブラウザーに関する警告が再び報じられている。グーグルは攻撃が進行中であることを認め、約30 億人のユーザーに緊急アップデートを配信した(「CVE-2025-5419:深 ソース: Yahoo!ニュ
@nyaoki3396
7 Jun 2025
3 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-5419
@transilienceai
7 Jun 2025
24 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Google Chromium V8, Exécution de code arbitraire, atteinte à la confidentialité et à l’intégrité du système. 🛡️ Alerte CISA : Exploitation active de la vulnérabilité CVE-2025-5419 affectant le noyau Chromium V8. https://t.co/8yhtDvg14t
@NicolasCoolman
7 Jun 2025
28 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-5419
@transilienceai
7 Jun 2025
19 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
🚨Update Chrome ASAP! Google patched a critical vulnerability (CVE-2025-5419) actively exploited in the wild. Protect your data by going to **Settings > About Chrome** & relaunching after the update. Stay safe online! #CyberSecurity #ChromeUpdate #TechNews https://t.co/2
@Empist
6 Jun 2025
32 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨 Zero-day alert! Google Chrome's CVE-2025-5419 is under active attack. Update ASAP to v137.0.7151.68+ to patch memory corruption exploit via malicious HTML. Share this crucial info! 🛡️ #Cybersecurity #ZeroDay #Chrome https://t.co/1nKJbyFwt8
@fernandokarl
6 Jun 2025
52 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Content: Google Fixes Chrome Zero-Day with In-The-Wild Exploit (CVE-2025-5419) In a recent development, Google has mitigated two serious vulnerabil https://t.co/O5UHagHi1m https://t.co/pswoqHrnZv
@AegisLens
6 Jun 2025
25 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨Google opravuje již třetí zero-day zranitelnost tento rok. Zranitelnost CVE-2025-5419 (CVSS skóre 8.8) v prohlížeči Google Chrome je podle společnosti hojně zneužívána. Chyba je způsobena out-of-bounds čtením a zápisem v prohlížečovém V8 JavaScript enginu
@AlefSecurity
6 Jun 2025
83 Impressions
0 Retweets
1 Like
0 Bookmarks
1 Reply
0 Quotes
🔴🚨 جوجل تطلق تحديث طارئ لمتصفح كروم عشان تحمي 3 مليار مستخدم! 🚀 جوجل اكتشفت ثغرة خطيرة (CVE-2025-5419) ممكن يستغلها المهاجمين للهجوم على الأجهزة عن بعد. التحد
@TekTrndz
6 Jun 2025
51 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Security Alert A Chrome zero-day vulnerability (CVE-2025-5419) is actively being exploited via malicious web pages. For your safety and to protect your assets, please update your browser immediately to: Chrome 137.0.7151.68/.69 (Windows/macOS) Chrome
@Cascade1679624
6 Jun 2025
20 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-5419
@transilienceai
6 Jun 2025
50 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
🛡️ We added Google Chromium V8 out-of-bounds read and write vulnerability CVE-2025-5419 to our Known Exploited Vulnerabilities Catalog. Visit https://t.co/myxOwap1Tf & apply mitigations to protect your org from cyberattacks. https://t.co/1xiWOtty4r
@CISACyber
5 Jun 2025
6197 Impressions
17 Retweets
52 Likes
9 Bookmarks
4 Replies
2 Quotes
🔴 #Google #Chrome, Heap Corruption, #CVE-2025-5419 (High) https://t.co/EIEK3cacdb
@dailycve
5 Jun 2025
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Google fixed the second actively exploited Chrome zero-day since the start of the year Google patches third Chrome zero-day vulnerability this year, CVE-2025-5419, actively exploited in the wild. Experts urge immediate updates to mitig... Read more: https://t.co/h2sgypiBPh http
@dailynews_ai_25
5 Jun 2025
45 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Important security update: @opera, @operagxofficial, Opera Air, and Opera for Android have received a security fix for the latest zero-day vulnerability in Chromium: CVE-2025-5419 Update now to the latest versions: - Opera version 119.0.5497.70 - Opera GX version 119.0.5497.68 -
@Opera_Security
5 Jun 2025
91 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
📢 GÜVENLİK DUYURUSU – Google Chrome Kritik Sıfır-Gün Açığı (CVE-2025-5419) Google, tarayıcısındaki “V8” JavaScript motorunda aktive olarak istismar edilen bir “out-of-bounds read/write” zafiyetini (CVE-2025-5419) kapatmak için acil bir güncelleme yayı
@GMDestekMerkezi
5 Jun 2025
42 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-5419
@transilienceai
5 Jun 2025
33 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
停下手头的所有任务,马上更新浏览器 旧版Chrome已爆出严重漏洞: CVE-2025-5419,可被黑客远程执行任意代码,已有攻击案例! 💡更新方法:点击右上角【…】 > 设置 > 关于 Chrome > 自动更新 最新版本:
@xiaxiaoyubing
5 Jun 2025
475 Impressions
0 Retweets
2 Likes
2 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "31E19D83-F49F-4B1B-8E53-D790037695D3",
"versionEndExcluding": "137.0.7151.68"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BD0BF58F-60EE-4A88-AFE6-9DE5B8741E6A",
"versionEndExcluding": "137.0.3296.62"
}
],
"operator": "OR"
}
]
}
]