Google Chromium V8 Type Confusion Vulnerability

Added Sept. 23, 2025 • Due Oct. 14, 2025 • CVE-2025-10585

Due Soon Google / Chromium V8 CWE-843

Description

Google Chromium contains a type confusion vulnerability in the V8 JavaScript and WebAssembly engine.

Required Action

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

References

https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_17.html
https://nvd.nist.gov/vuln/detail/CVE-2025-10585

Additional Information

Catalog Version: 2025.09.25
Catalog Released: Sept. 25, 2025
Days Until Due: 5 days
Last Updated: 1 week, 6 days ago