CVE-2025-5419

Published Jun 3, 2025

Last updated 8 days ago

Overview

AI description

Automated description summarized from trusted sources.

CVE-2025-5419 is an out-of-bounds read and write vulnerability found in the V8 JavaScript and WebAssembly engine of Google Chrome. Specifically, it affects Google Chrome versions prior to 137.0.7151.68. According to the NIST's National Vulnerability Database (NVD), this vulnerability could allow a remote attacker to potentially exploit heap corruption through a crafted HTML page. The vulnerability was reported to Google on May 27, 2025, by Clement Lecigne and Benoît Sevens of Google's Threat Analysis Group (TAG). Google has confirmed that an exploit for CVE-2025-5419 exists in the wild and has released a security update to address the issue. A configuration change was pushed to the Stable version of Chrome across all platforms on May 28, 2025, to mitigate the bug.

Description
Out of bounds read and write in V8 in Google Chrome prior to 137.0.7151.68 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Source
chrome-cve-admin@google.com
NVD status
Analyzed

Risk scores

CVSS 3.1

Type
Secondary
Base score
8.8
Impact score
5.9
Exploitability score
2.8
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Severity
HIGH

Known exploits

Data from CISA

Vulnerability name
Google Chromium V8 Out-of-Bounds Read and Write Vulnerability
Exploit added on
Jun 5, 2025
Exploit action due
Jun 26, 2025
Required action
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Weaknesses

134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE-125

Social media

Hype score
Not currently trending
  1. #infosec #hacking #CSO #cybersecurity #pentesting #informationsecurity #redteam #DataSecurity #CyberSec #HackerNews Google chrome V8 JavaScript引擎越界读写漏洞(CVE-2025-5419) https://t.co/h3g4LjfGVZ https://t.co/MHbLMDeECn

    @cncsocom

    13 Jun 2025

    21 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. Actively exploited CVE : CVE-2025-5419

    @transilienceai

    10 Jun 2025

    17 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  3. 🔴 Google Chrome Zero-Day Under Active Exploitation! Google has issued an urgent security patch for CVE-2025-5419, a critical flaw (CVSS 8.8) in the V8 JavaScript engine. This vulnerability, already exploited in the wild, allows attackers to corrupt memory via a crafted HTML h

    @_viepaix

    10 Jun 2025

    104 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. Actively exploited CVE : CVE-2025-5419

    @transilienceai

    10 Jun 2025

    26 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  5. A new Chrome zero-day is being actively exploited; Google has released an out-of-band emergency patch to address the vulnerability CVE-2025-5419, which carries a CVSS score of 8.8. https://t.co/nH4CrcMCOW #UrgentUpdate https://t.co/quqMq1C6wa

    @JadenJohnsNews

    9 Jun 2025

    34 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  6. 🚨 Chrome Zero-Day Alert (CVE-2025-5419) 🚨 A critical V8 engine flaw is being actively exploited in the wild, allowing remote code execution via malicious sites. 🔴 Severity: High (CVSS 8.8) ⚠️ Impact: Full browser compromise possible ✅ Fix: Update Chrome

    @ZBounty18591

    9 Jun 2025

    9 Impressions

    0 Retweets

    2 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  7. 🚨 Google confirms exploit for CVE-2025-5419 (V8 out-of-bounds read/write) in the wild. Chrome Stable updated to 137.0.7151.68/.69 with fix. Update now https://t.co/R7DCA68xBg

    @andy_empirical

    9 Jun 2025

    22 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  8. RE: CVE-2025-5419 - vuln allows you to read uninitialized memory by removing an initializing store.

    @mistymntncop

    9 Jun 2025

    2796 Impressions

    1 Retweet

    21 Likes

    6 Bookmarks

    0 Replies

    1 Quote

  9. 👏 AdsPower Now Supports Chrome 137 Kernel! This update also optimizes the V8 engine for faster response times and enhanced stability, while patching critical vulnerabilities (e.g., CVE-2025-5419) recently fixed by Chrome. How to upgrade❓ 1. Open AdsPower 2. Go to Profiles &

    @AdsPowerBrowser

    9 Jun 2025

    128 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  10. 🔒 Masz Chrome? Kliknij “Zaktualizuj” i zrestartuj – Google załatał groźną lukę CVE-2025-5419 już wykorzystywaną przez hakerów. 60 sekund i po stresie. #BezpiecznaFirma #SME #cyberbezpieczenstwo https://t.co/qUAltzYacA

    @PointZeroPL

    9 Jun 2025

    5 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  11. 🆕 #AdsPower 現已支持 Chrome 137 內核! 爲提供更安全、流暢的使用體驗,我們已完成瀏覽器內核昇級,現全麵支持 Chrome 137。 本次更新同步優化了 V8 引擎,響應更快,穩定性更強,同時也覆蓋了近期 Chrome 官方修

    @adspowercn

    9 Jun 2025

    470 Impressions

    2 Retweets

    3 Likes

    1 Bookmark

    0 Replies

    0 Quotes

  12. Chrome緊急修正: V8エンジンのゼロデイ脆弱性CVE-2025-5419が悪用中、今すぐアップデートを https://t.co/7O40inWPs5 Chromeユーザーは、ブラウザが最新版(Windows/Mac: 137.0.7151.68/.69、Linux: 137.0.7151.68)になっているか確認し

    @innovaTopia_JP

    8 Jun 2025

    124 Impressions

    1 Retweet

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  13. Chrome緊急修正: V8エンジンのゼロデイ脆弱性CVE-2025-5419が悪用中、今すぐアップデートを https://t.co/0r9NjDeIUl

    @pen_senpai

    8 Jun 2025

    43 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  14. Actively exploited CVE : CVE-2025-5419

    @transilienceai

    8 Jun 2025

    29 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  15. CVE-2025-5419 (CVSS:8.8, HIGH) is Analyzed. Out of bounds read and write in V8 in Google Chrome prior to 137.0.7151.68 allowed a remote attacker to potentially expl..https://t.co/p8xXDrZLue #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre

    @cracbot

    8 Jun 2025

    29 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  16. 今週、Chrome(クローム)ブラウザーに関する警告が再び報じられている。グーグルは攻撃が進行中であることを認め、約30 億人のユーザーに緊急アップデートを配信した(「CVE-2025-5419:深刻度 High」への対

    @acchonvurike

    8 Jun 2025

    33 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  17. 今週、Chrome(クローム)ブラウザーに関する警告が再び報じられている。グーグルは攻撃が進行中であることを認め、約30 億人のユーザーに緊急アップデートを配信した(「CVE-2025-5419:深 ソース: Yahoo!ニュ

    @nyaoki3396

    7 Jun 2025

    3 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  18. Actively exploited CVE : CVE-2025-5419

    @transilienceai

    7 Jun 2025

    24 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  19. Google Chromium V8, Exécution de code arbitraire, atteinte à la confidentialité et à l’intégrité du système. 🛡️ Alerte CISA : Exploitation active de la vulnérabilité CVE-2025-5419 affectant le noyau Chromium V8. https://t.co/8yhtDvg14t

    @NicolasCoolman

    7 Jun 2025

    28 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  20. Actively exploited CVE : CVE-2025-5419

    @transilienceai

    7 Jun 2025

    19 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  21. 🚨Update Chrome ASAP! Google patched a critical vulnerability (CVE-2025-5419) actively exploited in the wild. Protect your data by going to **Settings > About Chrome** & relaunching after the update. Stay safe online! #CyberSecurity #ChromeUpdate #TechNews https://t.co/2

    @Empist

    6 Jun 2025

    32 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  22. 🚨 Zero-day alert! Google Chrome's CVE-2025-5419 is under active attack. Update ASAP to v137.0.7151.68+ to patch memory corruption exploit via malicious HTML. Share this crucial info! 🛡️ #Cybersecurity #ZeroDay #Chrome https://t.co/1nKJbyFwt8

    @fernandokarl

    6 Jun 2025

    52 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  23. Content: Google Fixes Chrome Zero-Day with In-The-Wild Exploit (CVE-2025-5419) In a recent development, Google has mitigated two serious vulnerabil https://t.co/O5UHagHi1m https://t.co/pswoqHrnZv

    @AegisLens

    6 Jun 2025

    25 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  24. 🚨Google opravuje již třetí zero-day zranitelnost tento rok. Zranitelnost CVE-2025-5419 (CVSS skóre 8.8) v prohlížeči Google Chrome je podle společnosti hojně zneužívána. Chyba je způsobena out-of-bounds čtením a zápisem v prohlížečovém V8 JavaScript enginu

    @AlefSecurity

    6 Jun 2025

    83 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    1 Reply

    0 Quotes

  25. 🔴🚨 جوجل تطلق تحديث طارئ لمتصفح كروم عشان تحمي 3 مليار مستخدم! 🚀 جوجل اكتشفت ثغرة خطيرة (CVE-2025-5419) ممكن يستغلها المهاجمين للهجوم على الأجهزة عن بعد. التحد

    @TekTrndz

    6 Jun 2025

    51 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  26. Security Alert A Chrome zero-day vulnerability (CVE-2025-5419) is actively being exploited via malicious web pages. For your safety and to protect your assets, please update your browser immediately to: Chrome 137.0.7151.68/.69 (Windows/macOS) Chrome

    @Cascade1679624

    6 Jun 2025

    20 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  27. Actively exploited CVE : CVE-2025-5419

    @transilienceai

    6 Jun 2025

    50 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  28. 🛡️ We added Google Chromium V8 out-of-bounds read and write vulnerability CVE-2025-5419 to our Known Exploited Vulnerabilities Catalog. Visit https://t.co/myxOwap1Tf & apply mitigations to protect your org from cyberattacks. https://t.co/1xiWOtty4r

    @CISACyber

    5 Jun 2025

    6197 Impressions

    17 Retweets

    52 Likes

    9 Bookmarks

    4 Replies

    2 Quotes

  29. 🔴 #Google #Chrome, Heap Corruption, #CVE-2025-5419 (High) https://t.co/EIEK3cacdb

    @dailycve

    5 Jun 2025

    4 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  30. Google fixed the second actively exploited Chrome zero-day since the start of the year Google patches third Chrome zero-day vulnerability this year, CVE-2025-5419, actively exploited in the wild. Experts urge immediate updates to mitig... Read more: https://t.co/h2sgypiBPh http

    @dailynews_ai_25

    5 Jun 2025

    45 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  31. Important security update: @opera, @operagxofficial, Opera Air, and Opera for Android have received a security fix for the latest zero-day vulnerability in Chromium: CVE-2025-5419 Update now to the latest versions: - Opera version 119.0.5497.70 - Opera GX version 119.0.5497.68 -

    @Opera_Security

    5 Jun 2025

    91 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  32. 📢 GÜVENLİK DUYURUSU – Google Chrome Kritik Sıfır-Gün Açığı (CVE-2025-5419) Google, tarayıcısındaki “V8” JavaScript motorunda aktive olarak istismar edilen bir “out-of-bounds read/write” zafiyetini (CVE-2025-5419) kapatmak için acil bir güncelleme yayı

    @GMDestekMerkezi

    5 Jun 2025

    42 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  33. Actively exploited CVE : CVE-2025-5419

    @transilienceai

    5 Jun 2025

    33 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  34. 停下手头的所有任务,马上更新浏览器 旧版Chrome已爆出严重漏洞: CVE-2025-5419,可被黑客远程执行任意代码,已有攻击案例! 💡更新方法:点击右上角【…】 > 设置 > 关于 Chrome > 自动更新 最新版本:

    @xiaxiaoyubing

    5 Jun 2025

    475 Impressions

    0 Retweets

    2 Likes

    2 Bookmarks

    0 Replies

    0 Quotes

  35. Google Chrome Zero-Day Alert: Understanding & Mitigating CVE-2025-5419 Introduction: Urgent Alert on Actively Exploited Chrome Zero-Day Google has issued an emergency, out-of-band security update for its widely used Chrome browser to address a critical zero-day vulnerability,

    @Hamaaadite

    4 Jun 2025

    141 Impressions

    0 Retweets

    8 Likes

    0 Bookmarks

    7 Replies

    0 Quotes

  36. 🚨 Google just released a critical Chrome security update for a zero-day vulnerability (CVE-2025-5419). Your browser could be at risk if not updated. Protect your data—update now. 🔗 Read more: https://t.co/BuKrd58Ikk #CyberSecurity #ChromeUpdate #BusinessPCSupport https:

    @BusPCsupport

    4 Jun 2025

    36 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  37. 🚨 Google Chrome に深刻度8.8のゼロデイ脆弱性が発見され、既に実際の攻撃で悪用されています CVE-2025-5419と名付けられたこの脆弱性は、ChromeのV8 JavaScriptエンジンを標的とし、境界外読み取り・書き込みの欠陥

    @TechTrendsJP

    4 Jun 2025

    101 Impressions

    0 Retweets

    0 Likes

    1 Bookmark

    0 Replies

    0 Quotes

  38. ⚡️ 0-Day Alert - Google Chrome exploit in the wild CVE-2025-5419: Memory corruption in v8 Patched in Chrome Stable Channel 137.0.7151.68/.69 https://t.co/2ImEgB28So

    @zerodaytraining

    4 Jun 2025

    9675 Impressions

    15 Retweets

    75 Likes

    34 Bookmarks

    1 Reply

    1 Quote

  39. Google Chrome-də kritik boşluq (CVE-2025-5419) aşkar olunub. #ETX #certaz #cybersecurity #kibertəhlükəsizlik #xəbərdarlıq https://t.co/XMoeChoco0

    @CERTAzerbaijan

    4 Jun 2025

    50 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  40. Google fixes Chrome zero-day with in-the-wild exploit (CVE-2025-5419) https://t.co/rkJG2e9EO9 #HelpNetSecurity #Cybersecurity https://t.co/yrzmS966vs

    @PoseidonTPA

    4 Jun 2025

    7 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  41. #Google fixes #Chrome zero-day with in-the-wild exploit (CVE-2025-5419) https://t.co/6IixMCxfSn https://t.co/UCKRjrBod2

    @evanderburg

    4 Jun 2025

    91 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  42. 🚨 Chrome 爆出严重漏洞(CVE-2025-5419) 黑客可远程执行任意代码,已有实际攻击发生! 📉 使用旧版 Chrome 可能会暴露钱包资产风险 🔄 请立即更新至 v137.0.7151.68/69 路径:Chrome右上角【…】> 设置 > 关于 Chrome &

    @yichen1806

    4 Jun 2025

    145 Impressions

    0 Retweets

    4 Likes

    0 Bookmarks

    2 Replies

    0 Quotes

  43. Chrome 的沙箱机制通常能隔离恶意代码,但 CVE-2025-5419 允许攻击者绕过这一防护,直接在设备上执行代码,设备感染可能导致你的钱包资产瞬间清零 大家记得将你的Google Chrome谷歌浏览器更新到最新版 v137.0.7151.68/69

    @pipizhu_eth

    4 Jun 2025

    11419 Impressions

    2 Retweets

    65 Likes

    4 Bookmarks

    6 Replies

    0 Quotes

  44. MooWu: Google Chrome Has Released an Emergency Patch to Fix a Critical Zero-Day Vulnerability (CVE-2025-5419) Explore more key information on #SoSoValue: https://t.co/xZIXWfrQRv via @sosovaluecrypto

    @alok05270

    4 Jun 2025

    1 Impression

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  45. 🚨SlowMist Security Alert🚨 @googlechrome has released an emergency patch for a high-severity zero-day vulnerability (CVE-2025-5419) actively exploited in the wild. The flaw, found in the V8 JavaScript engine, allows remote attackers to corrupt memory via crafted HTML pages.

    @SlowMist_Team

    4 Jun 2025

    5765 Impressions

    13 Retweets

    48 Likes

    9 Bookmarks

    5 Replies

    3 Quotes

  46. 🚨 Chrome Zero-Day Alert — CVE-2025-5419 Actively Exploited 🚨 Google just released an emergency patch for a high-severity flaw in the Chrome browser. Here's what you need to know 🧵👇

    @cybrhoodsentinl

    4 Jun 2025

    58 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  47. CVE-2025-5419 Update your chromium browser ASAP https://t.co/ZD831PQpwf #cve #chrome

    @thesuhu

    4 Jun 2025

    34 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  48. गूगल ने क्रोम ब्राउजर के यूज़र्स के लिए साइबर हमले की चेतावनी जारी की है। कंपनी ने CVE-2025-5419 नामक तकनीकी खामी की

    @sanewshimachal

    4 Jun 2025

    144 Impressions

    35 Retweets

    39 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  49. Google Chrome、定例アップデートで危険性の高い脆弱性を修正(CVE-2025-5419) #セキュリティ対策Lab #セキュリティ #Security https://t.co/GGkpFSNYTb

    @securityLab_jp

    3 Jun 2025

    107 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  50. 🔥 تاني Zero-Day في كروم من بداية السنة؟! جوجل بتصدر تحديثات عاجلة وسريعة علشان تسد 3 ثغرات في متصفح كروم، من ضمنهم واحدة خطيرة جدًا تم استغلالها فعليًا في هجم

    @hiddenlockT

    3 Jun 2025

    359 Impressions

    0 Retweets

    2 Likes

    1 Bookmark

    0 Replies

    0 Quotes

Configurations