<ul><li>The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Google Chromium V8 Out-of-Bounds Read and Write Vulnerability, CVE-2025-5419, to its Known Exploited Vulnerabilities catalog.</li><li>Google released out-of-band updates to address three vulnerabilities in its Chrome browser, including CVE-2025-5419 that is actively exploited.</li><li>The vulnerability in V8 JavaScript engine in Google Chrome can trigger a heap corruption via a crafted HTML page.</li><li>CISA orders federal agencies to fix the vulnerabilities by June 26, 2025, and private organizations are advised to address vulnerabilities in their infrastructure.</li></ul>

U.S. CISA adds Google Chromium V8 flaw to its Known Exploited Vulnerabilities catalog

Discover more