Security News > 2025 > June > Google fixes Chrome zero-day with in-the-wild exploit (CVE-2025-5419)
2025-06-04 11:16
Google has fixed two Chrome vulnerabilities, including a zero-day flaw (CVE-2025-5419) with an in-the-wild exploit. About CVE-2025-5419 CVE-2025-5419 is a high-severity out of bounds read and write vulnerability in V8, the JavaScript and WebAssembly engine developed by Google for the Chromium and Chrome web browsers. It allows remote attackers to trigger heap corruption via a crafted HTML page. It was reported by Clément Lecigne and Benoît Sevens of Google’s Threat Analysis Group – a specialized … More → The post Google fixes Chrome zero-day with in-the-wild exploit (CVE-2025-5419) appeared first on Help Net Security.
News URL
Related news
- Google fixes high severity Chrome flaw with public exploit (source)
- New Chrome Zero-Day Actively Exploited; Google Issues Emergency Out-of-Band Patch (source)
- Google patches new Chrome zero-day bug exploited in attacks (source)
- Google quietly pushes emergency fix for Chrome 0-day as exploit runs wild (source)
- Apple plugs zero-day holes used in targeted iPhone attacks (CVE-2025-31200, CVE-2025-31201) (source)
- ⚡ Weekly Recap: iOS Zero-Days, 4Chan Breach, NTLM Exploits, WhatsApp Spyware & More (source)
- Phishers Exploit Google Sites and DKIM Replay to Send Signed Emails, Steal Credentials (source)
- PoC exploit for critical Erlang/OTP SSH bug is public (CVE-2025-32433) (source)
- Google Drops Cookie Prompt in Chrome, Adds IP Protection to Incognito (source)
- DslogdRAT Malware Deployed via Ivanti ICS Zero-Day CVE-2025-0282 in Japan Attacks (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-06-03 | CVE-2025-5419 | Unspecified vulnerability in Google Chrome Out of bounds read and write in V8 in Google Chrome prior to 137.0.7151.68 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 0.0 |