CVE-2025-6554

Summary

Type confusion in V8 in Google Chrome prior to 138.0.7204.96 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)

Affected Software

VendorProductVersion RangeStatus
GoogleChrome138.0.7204.96 < 138.0.7204.96affected

Weaknesses

  • CWE-843: Type Confusion

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: active
    • Automatable: no
    • Technical Impact: total

Additional References

References