<ul><li>Google released out-of-band updates to address three vulnerabilities in Chrome, including one actively exploited in the wild (CVE-2025-5419).</li><li>The actively exploited vulnerability allows an attacker to trigger heap corruption via a crafted HTML page.</li><li>In addition, Google addressed another medium-severity flaw in the Blink rendering engine (CVE-2025-5068).</li><li>This is the second actively exploited Chrome zero-day fixed by Google since the beginning of the year.</li></ul>

Google fixed the second actively exploited Chrome zero-day since the start of the year

Discover more