CVE-2025-9132

Published Aug 20, 2025

Last updated 2 months ago

CVSS high 8.8
Google Chrome V8

Overview

AI description

Automated description summarized from trusted sources.

CVE-2025-9132 is a high-severity vulnerability affecting Google Chrome's V8 JavaScript engine. It is classified as an out-of-bounds write issue, meaning that the program can write data beyond the allocated memory buffer. This can lead to memory corruption and allow attackers to gain unauthorized control over system processes. The vulnerability was discovered by Google's Big Sleep AI on August 4, 2025. Successful exploitation of CVE-2025-9132 could allow attackers to execute arbitrary code remotely, bypass Chrome's security sandbox, access sensitive user data, or cause a denial-of-service condition by crashing the browser. The vulnerability affects Chrome versions before 139.0.7258.138 for Windows and macOS, and 139.0.7258.138 for Linux. Google has released an emergency security update to address the vulnerability.

Description
Out of bounds write in V8 in Google Chrome prior to 139.0.7258.138 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Source
chrome-cve-admin@google.com
NVD status
Analyzed
Products
chrome

Risk scores

CVSS 3.1

Type
Secondary
Base score
8.8
Impact score
5.9
Exploitability score
2.8
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Severity
HIGH

Weaknesses

chrome-cve-admin@google.com
CWE-787

Social media

Hype score
Not currently trending

  1. #VulnerabilityReport #Chromium Google Chrome Issues High-Severity Fix for V8 Engine Vulnerability (CVE-2025-9132) https://t.co/0gS1aeBz2a

    @Komodosec

    26 Sept 2025

    48 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. Top 5 Trending CVEs: 1 - CVE-2025-53770 2 - CVE-2025-9132 3 - CVE-2025-38494 4 - CVE-2020-14883 5 - CVE-2025-52970 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W

    @CVEShield

    22 Sept 2025

    13 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. ⚠️Vulnerabilidad en Microsoft Edge ❗CVE-2025-9132 ➡️Más info: https://t.co/MvNg1chaqd https://t.co/3PTRk1oXbl

    @CERTpy

    26 Aug 2025

    90 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  4. URGENT: #Fedora 42 users must update Chromium to patch a critical Remote Code Execution vulnerability (CVE-2025-9132) in the V8 engine. Read more: 👉 https://t.co/nRjsejasqZ #Security https://t.co/AH3XXXypAO

    @Cezar_H_Linux

    26 Aug 2025

    52 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  5. ⚠️Vulnerabilidad en Google Chrome ❗CVE-2025-9132 ➡️Más info: https://t.co/FTzPsfc9dK https://t.co/oLowPNucD4

    @CERTpy

    25 Aug 2025

    127 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  6. グーグル/Google「Chrome」深刻度“高”の脆弱性/早めに更新を-'25/08/22¦ASCII https://t.co/Btk4H5QUYe 抜粋 グーグルは8月19日 デスクトップ及びAndroid版の「Chrome」で 脆弱性の修正を含むアップデートを公開した 深刻度

    @gkgn14412

    23 Aug 2025

    75 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  7. URGENT: Critical code execution vulnerability (CVE-2025-9132) patched in #Debian's Chromium. Impact: Arbitrary code execution, DoS, data theft. Read more:👉 https://t.co/UJaTrrr2DI #Security https://t.co/NufhKkfHmU

    @Cezar_H_Linux

    22 Aug 2025

    43 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  8. ⚠️ Weekly vuln radar. https://t.co/Cd6L8ACyLV – spot what’s trending before it’s everywhere: CVE-2025-29927 CVE-2025-43300 CVE-2025-57788 (@chudyPB, Sonny) CVE-2025-9132 (@GoogleDeepMind) CVE-2025-9074 CVE-2025-57790 CVE-2025-57789 CVE-2025-57791 CVE-2024-41787

    @ptdbugs

    22 Aug 2025

    127 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  9. Chromium: CVE-2025-9132 Out of bounds write in V8 https://t.co/2TvsIIFQYl #SecQube #cybersecurity

    @SecQube

    22 Aug 2025

    0 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  10. Google、ChromeのV8エンジン 脆弱性を修正(CVE-2025-9132) https://t.co/ovaDTpOwc1 #セキュリティ対策Lab #セキュリティ #Security

    @securityLab_jp

    21 Aug 2025

    61 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  11. 🚨Aggiorna subito #Google #Chrome ⚠️L'ultimo aggiornamento risolve una vulnerabilità di cui due con gravità alta : CVE-2025-9132 Versione 139.0.7258.138/.139 per Windows, Mac e Linux https://t.co/y4DqF96OMj https://t.co/w2yIjEGtij

    @techworldaleant

    21 Aug 2025

    28 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  12. Google Chrome 139 fixes a critical out-of-bounds write flaw in the V8 JavaScript engine (CVE-2025-9132) discovered by Big Sleep AI from Google DeepMind and Project Zero. Affects Windows, macOS, and Linux. #V8Engine #BigSleepAI #USA https://t.co/E69JxLNTcP

    @TweetThreatNews

    20 Aug 2025

    31 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  13. A critical remote code execution flaw CVE-2025-9132 was found in Chrome’s V8 engine, allowing memory corruption and sandbox escape. Update to Chrome 139.0.7258.138+ to patch this risk. #ChromeUpdate #V8Engine #Google https://t.co/45UChaxxTS

    @TweetThreatNews

    20 Aug 2025

    66 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  14. 🚨 Critical Chrome update! Google patched a high-severity V8 engine vulnerability (CVE-2025-9132) allowing RCE & browser crashes. Sec pros, update your browsers immediately to stay safe! Don't let this slide. 🛡️ #ChromeSecurity #Vulnerability #InfoSec https://t.co/kv5

    @fernandokarl

    20 Aug 2025

    67 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  15. Heads up, #CyberSecurity pros! 🚨 Google issued an EMERGENCY Chrome update for CVE-2025-9132, a critical 'out-of-bounds write' in V8 JS allowing arbitrary code execution. Patch NOW to v139.0.7258.138/.139! Protect your systems from this severe threat. 🔒 https://t.co/2oICCJzU

    @fernandokarl

    20 Aug 2025

    23 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  16. Looks like the high risk V8 bug (CVE-2025-9132) found by Big Sleep AI was an OOB write: https://t.co/C5zbm8H6k5 https://t.co/L0Jdyf1JHS

    @alexjplaskett

    20 Aug 2025

    5013 Impressions

    12 Retweets

    64 Likes

    34 Bookmarks

    0 Replies

    0 Quotes

  17. Woah... (CVE-2025-9132)[436181695][explicit-resource-management]OOBW https://t.co/m6iFoERecX https://t.co/Dkkx5VPSEM PoC: https://t.co/ABbi8ZqDDI Reported by Google Big Sleep

    @xvonfers

    19 Aug 2025

    4592 Impressions

    15 Retweets

    57 Likes

    28 Bookmarks

    1 Reply

    1 Quote

  18. https://t.co/CrwHmH2lI2 [N/A][436181695] High CVE-2025-9132: Out of bounds write in V8. Reported by Google Big Sleep on 2025-08-04 TL;DR: Repro extremely short, bug very easily exploitable for a renderer RCE. Big Sleep is interesting indeed :)

    @0x10n

    19 Aug 2025

    8804 Impressions

    20 Retweets

    126 Likes

    46 Bookmarks

    0 Replies

    2 Quotes

Configurations

References

Sources include official advisories and independent security research.