Integer Overflow Vulnerability in Google Chrome
CVE-2025-10891

8.8HIGH

Key Information:

Vendor: Google
Status: Chrome
Vendor: CVE Published:; 24 September 2025

What is CVE-2025-10891?

An integer overflow vulnerability has been identified in the V8 engine of Google Chrome, enabling potential heap corruption via maliciously crafted HTML content. Attackers could exploit this weakness to execute arbitrary code or disrupt services when a user views the harmful page.

Affected Version(s)

Chrome 140.0.7339.207

References

https://chromereleases.googleblog.com/2025/09/stable-chan...

https://issues.chromium.org/issues/443765373

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 24, 2025
Vulnerability Reserved
Sep 23, 2025

JSON