CVE-2025-5419HIGH 8.8CISA KEVEPSS p92.9%

CVE-2025-5419Google Chromium V8 Out-of-Bounds Read and Write Vulnerability

Google / Chromium V8

Description

Google Chromium V8 contains an out-of-bounds read and write vulnerability that could allow a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

Scoring

CVSS 3.18.8 (HIGH)
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS6.46% probability of exploitation · percentile 92.9% · 2026-06-18T12:00:27Z
Published2025-06-03
Last modified2025-10-24

CISA KEV entry

Added to KEV: 2025-06-05

Underlying weaknesses· 2

CWE-125CWE-787

References

  1. https://chromereleases.googleblog.com/2025/06/stable-channel-update-for-desktop.html
  2. https://issues.chromium.org/issues/420636529
  3. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-5419
  4. https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-5419

2

TypeTargetConfidenceTier
WeaknessOut-of-bounds Readcwe-1250%live
WeaknessOut-of-bounds Writecwe-7870%live

(incoming)1

TypeTargetConfidenceTier
KEVEntryGoogle Chromium V8 Out-of-Bounds Read and Write Vulnerabilitykev-cve-2025-54190%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
Google Chromium V8 Out-of-Bounds Write Vulnerability
CVE
Google Chromium V8 Out-of-Bounds Memory Access Vulnerability
CVE
Google Chromium V8 Out-of-Bounds Memory Write Vulnerability
CVE
Google Chromium V8 Out-of-Bounds Memory Vulnerability
CVE
Google Chromium V8 Heap Buffer Overflow Vulnerability
CVE
CVE-2025-5280
Sourced from NVD + CISA KEV + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.