Security News > 2025 > June > New Chrome Zero-Day Actively Exploited; Google Issues Emergency Out-of-Band Patch
2025-06-03 04:22
Google on Monday released out-of-band fixes to address three security issues in its Chrome browser, including one that it said has come under active exploitation in the wild. The high-severity flaw is being tracked as CVE-2025-5419, and has been flagged as an out-of-bounds read and write vulnerability in the V8 JavaScript and WebAssembly engine. "Out of bounds read and write in V8 in Google
News URL
https://thehackernews.com/2025/06/new-chrome-zero-day-actively-exploited.html
Related news
- Google patches new Chrome zero-day bug exploited in attacks (source)
- Google fixes Chrome zero-day with in-the-wild exploit (CVE-2025-5419) (source)
- Patch Tuesday: Microsoft Fixes 134 Vulnerabilities, Including 1 Zero-Day (source)
- Google Drops Cookie Prompt in Chrome, Adds IP Protection to Incognito (source)
- Emergency patch for potential SAP zero-day that could grant full system control (source)
- Google: 97 zero-days exploited in 2024, over 50% in spyware attacks (source)
- Google Reports 75 Zero-Days Exploited in 2024 — 44% Targeted Enterprise Security Products (source)
- Google Rolls Out On-Device AI Protections to Detect Scams in Chrome and Android (source)
- Google Chrome to use on-device AI to detect tech support scams (source)
- Microsoft May 2025 Patch Tuesday fixes 5 exploited zero-days, 72 flaws (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-06-03 | CVE-2025-5419 | Out of bounds read and write in V8 in Google Chrome prior to 137.0.7151.68 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 0.0 |