Inappropriate Implementation in V8 Allows Arbitrary Read/Write in Google Chrome
CVE-2025-12429

8.8HIGH

Key Information:

Vendor: Google
Status: Chrome
Vendor: CVE Published:; 10 November 2025

What is CVE-2025-12429?

A vulnerability in the V8 engine of Google Chrome prior to version 142.0.7444.59 could be exploited by remote attackers. By crafting a malicious HTML page, an attacker may gain the ability to perform arbitrary read and write operations, posing significant risks. This flaw emphasizes the necessity for frequent updates and patches to safeguard against potential exploitation.

Affected Version(s)

Chrome 142.0.7444.59

References

https://chromereleases.googleblog.com/2025/10/stable-chan...

https://issues.chromium.org/issues/450618029

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 10, 2025
Vulnerability Reserved
Oct 28, 2025

JSON