Type Confusion in V8 Engine of Google Chrome
CVE-2025-6554

Currently unrated

Key Information:

Vendor: Google
Status: Chrome
Vendor: CVE Published:; 30 June 2025

What is CVE-2025-6554?

A type confusion vulnerability in the V8 engine of Google Chrome allows a remote attacker to execute arbitrary read and write operations. This flaw can be exploited through specially crafted HTML pages, which may enable attackers to manipulate data and potentially compromise the security of affected systems. Update your Google Chrome browser to version 138.0.7204.96 or later to mitigate this vulnerability.

Affected Version(s)

Chrome 138.0.7204.96

References

https://chromereleases.googleblog.com/2025/06/stable-chan...

https://issues.chromium.org/issues/427663123

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 30, 2025
Vulnerability Reserved
Jun 23, 2025