AI description
CVE-2025-9132 is a high-severity vulnerability affecting Google Chrome's V8 JavaScript engine. It is classified as an out-of-bounds write issue, meaning that the program can write data beyond the allocated memory buffer. This can lead to memory corruption and allow attackers to gain unauthorized control over system processes. The vulnerability was discovered by Google's Big Sleep AI on August 4, 2025. Successful exploitation of CVE-2025-9132 could allow attackers to execute arbitrary code remotely, bypass Chrome's security sandbox, access sensitive user data, or cause a denial-of-service condition by crashing the browser. The vulnerability affects Chrome versions before 139.0.7258.138 for Windows and macOS, and 139.0.7258.138 for Linux. Google has released an emergency security update to address the vulnerability.
- Description
- Out of bounds write in V8 in Google Chrome prior to 139.0.7258.138 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
- Source
- chrome-cve-admin@google.com
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 8.8
- Impact score
- 5.9
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
- Severity
- HIGH
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score
30
Google Chrome 139 fixes a critical out-of-bounds write flaw in the V8 JavaScript engine (CVE-2025-9132) discovered by Big Sleep AI from Google DeepMind and Project Zero. Affects Windows, macOS, and Linux. #V8Engine #BigSleepAI #USA https://t.co/E69JxLNTcP
@TweetThreatNews
20 Aug 2025
31 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A critical remote code execution flaw CVE-2025-9132 was found in Chrome’s V8 engine, allowing memory corruption and sandbox escape. Update to Chrome 139.0.7258.138+ to patch this risk. #ChromeUpdate #V8Engine #Google https://t.co/45UChaxxTS
@TweetThreatNews
20 Aug 2025
62 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨 Critical Chrome update! Google patched a high-severity V8 engine vulnerability (CVE-2025-9132) allowing RCE & browser crashes. Sec pros, update your browsers immediately to stay safe! Don't let this slide. 🛡️ #ChromeSecurity #Vulnerability #InfoSec https://t.co/kv5
@fernandokarl
20 Aug 2025
67 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Heads up, #CyberSecurity pros! 🚨 Google issued an EMERGENCY Chrome update for CVE-2025-9132, a critical 'out-of-bounds write' in V8 JS allowing arbitrary code execution. Patch NOW to v139.0.7258.138/.139! Protect your systems from this severe threat. 🔒 https://t.co/2oICCJzU
@fernandokarl
20 Aug 2025
23 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Looks like the high risk V8 bug (CVE-2025-9132) found by Big Sleep AI was an OOB write: https://t.co/C5zbm8H6k5 https://t.co/L0Jdyf1JHS
@alexjplaskett
20 Aug 2025
5013 Impressions
12 Retweets
64 Likes
34 Bookmarks
0 Replies
0 Quotes
Woah... (CVE-2025-9132)[436181695][explicit-resource-management]OOBW https://t.co/m6iFoERecX https://t.co/Dkkx5VPSEM PoC: https://t.co/ABbi8ZqDDI Reported by Google Big Sleep
@xvonfers
19 Aug 2025
4592 Impressions
15 Retweets
57 Likes
28 Bookmarks
1 Reply
1 Quote
https://t.co/CrwHmH2lI2 [N/A][436181695] High CVE-2025-9132: Out of bounds write in V8. Reported by Google Big Sleep on 2025-08-04 TL;DR: Repro extremely short, bug very easily exploitable for a renderer RCE. Big Sleep is interesting indeed :)
@0x10n
19 Aug 2025
8804 Impressions
20 Retweets
126 Likes
46 Bookmarks
0 Replies
2 Quotes