Computing

Google Issues Security Fix for Actively Exploited Chrome V8 Zero-Day Vulnerability

News Room
News Room
Google Issues Security Fix for Actively Exploited Chrome V8 Zero-Day Vulnerability

Nov 18, 2025Ravie LakshmananBrowser Security / Vulnerability

Google on Monday released security updates for its Chrome browser to address two security flaws, including one that has come under active exploitation in the wild.

The vulnerability in question is CVE-2025-13223 (CVSS score: 8.8), a type confusion vulnerability in the V8 JavaScript and WebAssembly engine that could be exploited to achieve arbitrary code execution or program crashes.

“Type Confusion in V8 in Google Chrome prior to 142.0.7444.175 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page,” according to a description of the flaw in the NIST National Vulnerability Database (NVD).

Clément Lecigne of Google’s Threat Analysis Group (TAG) has been credited with discovering and reporting the flaw on November 12, 2025. Google has not shared any details on who is behind the attacks, who may have been targeted, or the scale of such efforts.

However, the tech giant acknowledged that an “exploit for CVE-2025-13223 exists in the wild.”

CIS Build Kits

With the latest update, Google has addressed seven zero-day flaws in Chrome that have been either actively exploited or demonstrated as a proof-of-concept (PoC) since the start of the year. The list includes CVE-2025-2783, CVE-2025-4664, CVE-2025-5419, CVE-2025-6554, CVE-2025-6558, and CVE-2025-10585.

CVE-2025-13223 is also the third actively exploited type confusion bug discovered in V8 this year after CVE-2025-6554 and CVE-2025-10585.

Also patched by Google as part of this patch is another type confusion vulnerability in V8 (CVE-2025-13224, CVSS score: 8.8) that was flagged by its artificial intelligence (AI) agent Big Sleep.

To safeguard against potential threats, it’s advised to update their Chrome browser to versions 142.0.7444.175/.176 for Windows, 142.0.7444.176 for Apple macOS, and 142.0.7444.175 for Linux. To make sure the latest updates are installed, users can navigate to More > Help > About Google Chrome and select Relaunch.

Users of other Chromium-based browsers, such as Microsoft Edge, Brave, Opera, and Vivaldi, are also advised to apply the fixes as and when they become available.

Share This Article
Previous Article The best early Black Friday deals on Amazon devices The best early Black Friday deals on Amazon devices
Next Article The Best Text-to-Speech Apps We’ve Tested for 2025 The Best Text-to-Speech Apps We’ve Tested for 2025
Leave a comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Stay Connected

Latest News

1,300,000,000 passwords exposed in historic cybercriminal-linked breach
1,300,000,000 passwords exposed in historic cybercriminal-linked breach
News
The Impact of White-Label Website Builders for Agencies
The Impact of White-Label Website Builders for Agencies
Computing
What AI doesn’t know: we could be creating a global ‘knowledge collapse’ | Deepak Varuvel Dennison
What AI doesn’t know: we could be creating a global ‘knowledge collapse’ | Deepak Varuvel Dennison
News
Today's NYT Connections: Sports Edition Hints, Answers for Nov. 18 #421
Today's NYT Connections: Sports Edition Hints, Answers for Nov. 18 #421
News
Lost your password?