CVE-2025-6554
Published Jun 30, 2025
Last updated 2 months ago
AI description
CVE-2025-6554 is a type confusion vulnerability found in the V8 JavaScript engine, which is used in Chrome and other Chromium-based browsers. This vulnerability can be exploited by remote, unauthenticated attackers by serving crafted HTML pages to targeted users. If successful, the attacker can trick V8 into misinterpreting memory types, potentially leading to arbitrary read/write operations. In some scenarios, this could allow for full remote code execution. Google is aware that the vulnerability is being actively exploited in the wild. A security update has been released for Chrome to address this zero-day vulnerability. The vulnerability was discovered by Clément Lecigne of Google's Threat Analysis Group (TAG) on June 25, 2025.
- Description
- Type confusion in V8 in Google Chrome prior to 138.0.7204.96 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)
- Source
- chrome-cve-admin@google.com
- NVD status
- Analyzed
- Products
- chrome
CVSS 3.1
- Type
- Secondary
- Base score
- 8.1
- Impact score
- 5.2
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
- Severity
- HIGH
Data from CISA
- Vulnerability name
- Google Chromium V8 Type Confusion Vulnerability
- Exploit added on
- Jul 2, 2025
- Exploit action due
- Jul 23, 2025
- Required action
- Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- chrome-cve-admin@google.com
- CWE-843
- Hype score
- Not currently trending
【アーカイブ】 エッジの脆弱性5件、攻撃確認も。今すぐの更新と対策を推奨 Microsoft Edgeが5件の脆弱性を修正|CVE-2025-6554はすでに攻撃確認 https://t.co/AYyaFcjY9P #cybernote #ブログ仲間と繋がりたい #Webライター
@CyberNote_media
18 Aug 2025
25 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
【アーカイブ】 エッジ脆弱性5件修正。既に悪用も、今すぐ更新を。詳細は記事で Microsoft Edgeが5件の脆弱性を修正|CVE-2025-6554はすでに攻撃確認 https://t.co/rs3aqHcVwG #cybernote #ブログ仲間と繋がりたい #Webライ
@Teeeda_worker
18 Aug 2025
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
【アーカイブ】 エッジの脆弱性5件修正、悪用も確認。最新情報をチェックしよう Microsoft Edgeが5件の脆弱性を修正|CVE-2025-6554はすでに攻撃確認 https://t.co/rs3aqHcVwG #cybernote #ブログ仲間と繋がりたい #Webライタ
@Teeeda_worker
18 Aug 2025
36 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#VulnerabilityReport #CVE202549713 Microsoft Edge Alert: Two High-Severity Flaws (CVE-2025-6554, CVE-2025-49713) Allow Remote Code Execution, One Actively Exploited https://t.co/zphpB0nTLC
@Komodosec
10 Aug 2025
59 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#Vulnerability #chrome Actively Exploited Google Chrome Zero-Day (CVE-2025-6554) Added to CISA’s KEV Catalog, PoC Available https://t.co/Mu4oAg1rDP
@Komodosec
9 Aug 2025
58 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
【アーカイブ】 Microsoft Edgeの5つの脆弱性が修正。安全性向上へ。 Microsoft Edgeが5件の脆弱性を修正|CVE-2025-6554はすでに攻撃確認 https://t.co/rs3aqHcnH8 #cybernote #ブログ仲間と繋がりたい #Webライター
@Teeeda_worker
4 Aug 2025
3 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
【アーカイブ】 最新のセキュリティ情報!今すぐチェック! Microsoft Edgeが5件の脆弱性を修正|CVE-2025-6554はすでに攻撃確認 https://t.co/rs3aqHcnH8 #cybernote #ブログ仲間と繋がりたい #Webライター
@Teeeda_worker
3 Aug 2025
35 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
【アーカイブ】 重要な脆弱性修正!安全性を確保しましょう。 Microsoft Edgeが5件の脆弱性を修正|CVE-2025-6554はすでに攻撃確認 https://t.co/rs3aqHcVwG #cybernote #ブログ仲間と繋がりたい #Webライター
@Teeeda_worker
1 Aug 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 [AUG 1] Daily #CyberThreats from #CyberDudeBivash 🛠️ Citrix CVE-2025-5777 (Data Leak) 💣 ShadowStrike SSH Botnet 🧠 Chrome V8 Zero-Day CVE-2025-6554 🎯 Malvertising on Edge/Firefox 🔗 https://t.co/CdDASZtiJu | https://t.co/QHCBMbYxeX #ThreatIntel #Infosec #
@Iambivash007
1 Aug 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
【アーカイブ】 最新の脆弱性修正情報!安全対策を確認しよう。 Microsoft Edgeが5件の脆弱性を修正|CVE-2025-6554はすでに攻撃確認 https://t.co/rs3aqHcVwG #cybernote #ブログ仲間と繋がりたい #Webライター
@Teeeda_worker
31 Jul 2025
35 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
【アーカイブ】 最新のEdgeで安心を。早めのアップデートを! Microsoft Edgeが5件の脆弱性を修正|CVE-2025-6554はすでに攻撃確認 https://t.co/AYyaFcjY9P #cybernote #ブログ仲間と繋がりたい #Webライター
@CyberNote_media
31 Jul 2025
32 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
【アーカイブ】 Edgeの重要な脆弱性に対処!アップデート必須です。 Microsoft Edgeが5件の脆弱性を修正|CVE-2025-6554はすでに攻撃確認 https://t.co/AYyaFcjY9P #cybernote #ブログ仲間と繋がりたい #Webライター
@CyberNote_media
30 Jul 2025
24 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Critical Chromium vulnerabilities (CVE-2025-6554 to 6557) patched in openSUSE. Type confusion in V8? Use-after-free in Animation? Read more : 👉 https://t.co/p8lwkVn4o2 #infosec #Linux #CVE https://t.co/aMTmjIEQeL
@Cezar_H_Linux
27 Jul 2025
69 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Chrome 138 and Firefox 141 have addressed critical high-severity memory safety flaws, including zero-days CVE-2025-6558 and CVE-2025-6554, with updates to their JavaScript engines. #ChromeUpdate #FirefoxFix #UK https://t.co/FoXQ0NB7oG
@TweetThreatNews
23 Jul 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
【アーカイブ】 安心して利用するために、最新情報をチェック! Microsoft Edgeが5件の脆弱性を修正|CVE-2025-6554はすでに攻撃確認 https://t.co/AYyaFcjY9P #cybernote #ブログ仲間と繋がりたい #Webライター
@CyberNote_media
22 Jul 2025
29 Impressions
0 Retweets
3 Likes
0 Bookmarks
0 Replies
0 Quotes
A Brief Analysis of Chrome's 0day CVE-2025-6554 in the Wild 2025-07-21 https://t.co/3cHUVqCA0A
@tdatwja
22 Jul 2025
114 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A Brief Analysis of Chrome's 0day CVE-2025-6554 in the Wild https://t.co/is5wa9hyf2
@blackorbird
22 Jul 2025
6176 Impressions
25 Retweets
89 Likes
38 Bookmarks
1 Reply
0 Quotes
Brief analysis of Chrome vuln #CVE-2025-6554, which was exploited in the wild. https://t.co/s0ru9dawua
@RedDrip7
22 Jul 2025
7519 Impressions
29 Retweets
51 Likes
29 Bookmarks
0 Replies
1 Quote
Chrome zero-day activ 🚨 CVE-2025-6554 lovește Chrome! Use-after-free în V8 exploatat in-the-wild. Actualizează la 125.0.6419.110 și activează măsuri de izolare. Detalii pe blog. #CVE20256554 #Chrome #cybersecurity #CVE20256554 #Chrome #cybersecurity https://t.co/WtvzEF
@bifluxgroup
18 Jul 2025
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-6554 în Chrome 🚨 Zero-day Chrome (CVE-2025-6554) exploatat in-the-wild. Update la 125.0.6422.112 acum sau riscați RCE! #Chrome #ZeroDay #CVE20256554 #["#Chrome" # "#ZeroDay" # "#CVE20256554" # "#Cybersecurity" # "#Vulnerabilități" # "#PatchManagement"] https://t
@bifluxgroup
18 Jul 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Chrome Zero-Day Alert! Google patched CVE-2025-6554, a critical V8 engine flaw actively exploited in the wild. 🔧 Update Chrome NOW chrome://settings/help & restart. Pro tip (from Security Engineer): Enable auto-updates Monitor threat advisories Harden browser secur
@badiwal_harsh
17 Jul 2025
24 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Google Patches Fifth Chrome Zero-Day of 2025: CVE-2025-6554 https://t.co/kU1U4tI46N
@CyberSecuriUS
17 Jul 2025
22 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-6554 marks the fifth actively exploited #Chrome Zero-Day patched by Google in 2025 https://t.co/iu1nF0Wm9p #securityaffairs #hacking
@securityaffairs
16 Jul 2025
18 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️ChromeやEdgeなどのJavaScriptエンジン「V8」に重大なゼロデイ(CVE-2025-6554) 既に悪用されているとCISAが認定。即時のアップデート推奨。 https://t.co/ohPlh29Jri
@shampoo_101_
14 Jul 2025
18 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
nu11secur1ty: CVE-2025-6554 - Chromium 138.0.7204.96 Build & Exp... https://t.co/w4q0OrNqdQ
@nu11secur1ty1
14 Jul 2025
23 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Google ChromeとMicrosoft Edgeが攻撃を受けている。最新のゼロデイ脆弱性(CVE-2025-6554)はグーグル自身の脅威分析グループ(TAG。Threat Analysis Group)によって発見され、「全ユーザ... #GoogleChrome #MicrosoftEdge https://t.co/
@_8AS1_
14 Jul 2025
63 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
【セキュリティニュース】 Microsoft Edgeが5件の脆弱性を修正|CVE-2025-6554はすでに攻撃確認 https://t.co/7CQP77hhGd cybernote
@BADBEAR112919
13 Jul 2025
19 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-6554
@transilienceai
13 Jul 2025
31 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2025-6554
@transilienceai
12 Jul 2025
24 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2025-6554
@transilienceai
11 Jul 2025
28 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
⚠️ Wait a moment — There's a Critical Vulnerability (CVE-2025-6554) You Need to Know A zero-day vulnerability in Chrome’s V8 engine (CVE-2025-6554) has been actively exploited in the wild. This type confusion flaw allows remote attackers to execute arbitrary read/write h
@RoxyBrowser
11 Jul 2025
32 Impressions
0 Retweets
1 Like
1 Bookmark
1 Reply
0 Quotes
Google ChromeとMicrosoft Edgeが攻撃を受けている。最新のゼロデイ脆弱性(CVE-2025-6554)はグーグル自…… → このリストにあるChrome・Edgeの拡張機能をすぐに削除せよ https://t.co/n4JipzMsiH
@forbesjapan
11 Jul 2025
18965 Impressions
5 Retweets
14 Likes
19 Bookmarks
0 Replies
2 Quotes
I just APT proofed Brave on a ryzen 8700g with pkey v8. CVE-2025-6554 variants in working chain now fail
@AbcXyz03921267
10 Jul 2025
51 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Just noticed my Brave seems to not automatically (nor notify) about the chromium CVE-2025-6554 security update -at least for me 🤷♂️-, beware and update manually (brave://settings/help)!
@m411k_
10 Jul 2025
159 Impressions
0 Retweets
4 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2025-6554
@transilienceai
9 Jul 2025
38 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Immediate Action Required: Google Chrome Zero-Day Flaw Under Active Exploitation (CVE-2025-6554) https://t.co/yK9aIvqIeD
@KevinLo49983937
8 Jul 2025
15 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️Actualización de seguridad de Grafana ❗CVE-2025-5959 ❗CVE-2025-6554 ❗CVE-2025-6191 ❗CVE-2025-6192 ➡️Más info: https://t.co/2S1ixNursX https://t.co/OSZYPAZotS
@CERTpy
8 Jul 2025
118 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
#CybersecurityNEWS🔴👨💻👾 Vulnerabilidad Zero-Day en Google Chrome registrada como CVE-2025-6554, afecta al motor de JavaScript y WebAssembly (V8) Ver más: https://t.co/Lpfsabwjta #ciberseguridad #DevelNews https://t.co/CJV7UNIkbA
@develsecurity
8 Jul 2025
27 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Grafana Patches Chromium Bugs including a Zero-Day Exploited Grafana has released security updates to fix four high-severity vulnerabilities in the Chromium library used by its Image Renderer plugin and Synthetic Monitoring Agent. The most critical, CVE-2025-6554, is a type of h
@dCypherIO
8 Jul 2025
29 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Grafana has released patches for four high-severity Chromium vulnerabilities, including CVE-2025-6554, a type confusion flaw exploited in the wild. Addresses remote code execution & memory issues in Image Renderer & Monitoring Agent. 🚨 #Cyber #Vulnerabi… https://t.co
@TweetThreatNews
7 Jul 2025
8 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Microsoft Edgeに深刻な2件の脆弱性(CVE-2025-6554,CVE-2025-49713) #セキュリティ対策Lab #セキュリティ #Security https://t.co/1NCCAPW9Ia
@securityLab_jp
6 Jul 2025
71 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
📌 Google releases emergency Chrome update to fix zero-day vulnerability CVE-2025-6554. Restart your browser now. #CyberSecurity #ZeroDay https://t.co/QH25w3OWj0 https://t.co/AWIDrdQm7E
@CyberHub_blog
6 Jul 2025
43 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-6554 (0day in V8) My version PoC https://t.co/JDGAjKPXOE
@windz3r0day
6 Jul 2025
11 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-6554
@transilienceai
6 Jul 2025
33 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
🚨URGENT: Chrome Zero-Day, CVE-2025-6554, Actively Exploited A critical type confusion vulnerability was discovered in Chrome’s V8 JavaScript engine (versions prior to 138.0.7204.96). This flaw allows arbitrary memory read/write via specially crafted HTML, potentially leadi
@datareaperai
6 Jul 2025
124 Impressions
1 Retweet
5 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 July 4th Cyber Alert:🚨 In the last 48 hrs: 🛫 Qantas breach exposed 6M users via phone scam 🌐 Chrome zero-day patched (CVE-2025-6554) 🔐 Use MFA, update your browser, and don’t trust unknown calls. 📰 https://t.co/1nyCijJG8T #CyberSafety #SafeCyberSurfer
@safecybersurfer
6 Jul 2025
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-6554
@transilienceai
6 Jul 2025
35 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
גוגל משחררת עדכון לכרום הסוגר חולשה המנוצלת בפועל ע"י תוקפים בעולם (CVE-2025-6554) הגרסאות התקינות הן: - 138.0.7204.96/.97 for Windows - 138.0.7204.92/.93 for Mac - 138.0.7204.92 for Linux תודה לנתי
@CyberIL
5 Jul 2025
223 Impressions
0 Retweets
3 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2025-6554 parchada en V8 de Chrome: si aún no has reiniciado, tú mismo abres la puerta al exploit. 😏 ¿Vas a esperar a ser el próximo bombardeado? #ZeroDay #ChromeUpdate https://t.co/3LuPph6dCv
@gorkaelbochi
5 Jul 2025
7 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Chrome Zero-Day CVE-2025-6554 Under Active Attack — Google Issues Security Update Jul 01, 2025 https://t.co/m6elz1ac53
@tdatwja
5 Jul 2025
194 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5A92F452-E80D-4C80-BE35-7CEC05DC959A",
"versionEndExcluding": "138.0.7204.96"
}
],
"operator": "OR"
}
]
}
]