CVE-2025-6554: Google Chrome’s Zero-Day Flaw Exploited in the Wild
Red | Vulnerability Report
Download PDFCVE-2025-6554 is a critical zero-day type confusion vulnerability in Google’s V8 JavaScript engine affecting Chrome versions prior to 138.0.7204.96. The flaw allows attackers to corrupt memory and execute arbitrary code within the browser context, enabling full browser compromise. Successful exploitation could lead to sandbox escape and remote code execution on the host system. Google confirmed active in-the-wild exploitation before the public patch release. Users are strongly advised to update Chrome and other Chromium-based browsers immediately to prevent compromise.
What’s new on HivePro
Get through updates and upcoming events, and more directly in your inbox