CISA Known Exploited Vulnerability

This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.

Remediation Deadline: Jun 26, 2025

High

CISA KEV

CVE-2025-5419

Google—Chromium V8

Google Chromium V8 contains an out-of-bounds read and write vulnerability that could allow a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

Required Action

https://chromereleases.googleblog.com/2025/06/stable-channel-update-for-desktop.html; https://nvd.nist.gov/vuln/detail/CVE-2025-5419",

Vulnerability Overview

Severity: High
CISA KEV: Yes
Ransomware: Unknown
Published: Jun 5, 2025
KEV Added: Jun 5, 2025
Due Date: Jun 26, 2025
Related Articles: 0

Vendor

Google

Chromium V8