CVE-2025-5419
HIGH
Published 2025-06-02T23:36:53.221Z
Actions:
CVSS Score
V3.1
8.8
/10
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Base Score Metrics
Exploitability: N/A
Impact: N/A
Attack Vector Metrics
Impact Metrics
Description
Out of bounds read and write in V8 in Google Chrome prior to 137.0.7151.68 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Available Exploits
No exploits available for this CVE.
Related News
No news articles found for this CVE.
Affected Products
Affected Versions:
Known Exploited Vulnerability
This vulnerability is actively being exploited in the wild
Remediation Status
On Track
Due Date
June 26, 2025
(19 days remaining)
Added to KEV
June 5, 2025
Required Action
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Affected Product
Vendor/Project:
Google
Product:
Chromium V8
Ransomware Risk
Known Ransomware Use
KEV Catalog Version: 2025.06.05
Released: June 5, 2025
References
Published: 2025-06-02T23:36:53.221Z
Last Modified: 2025-06-04T03:55:56.806Z
Copied to clipboard!