Type Confusion Vulnerability in Google Chrome
CVE-2025-13223

8.8HIGH

Key Information:

Vendor: Google
Status: Chrome
Vendor: CVE Published:; 17 November 2025

🔔 Create Google Vulnerability Alert

Badges

👾 Exploit Exists📰 News Worthy

What is CVE-2025-13223?

A type confusion vulnerability in the V8 engine of Google Chrome prior to version 142.0.7444.175 may allow a remote attacker to exploit heap corruption through a specially crafted HTML page. This could lead to unintended behaviors and potentially compromise the security of the browser environment.

Affected Version(s)

Chrome 142.0.7444.175

News Articles

The Hacker News

Google Issues Security Fix for Actively Exploited Chrome V8 Zero-Day Vulnerability

Google patches two critical V8 flaws, including actively exploited CVE-2025-13223, urging immediate Chrome updates.

3 hours ago

thmubnail image

References

https://chromereleases.googleblog.com/2025/11/stable-chan...

https://issues.chromium.org/issues/460017370

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

👾
Exploit known to exist
Nov 18, 2025
📰
First article discovered by The Hacker News
Nov 18, 2025
Vulnerability published
Nov 17, 2025
Vulnerability Reserved
Nov 14, 2025

.

CVE-2025-13223 : Type Confusion Vulnerability in Google Chrome