Integer Overflow Vulnerability in Google Chrome's V8 Engine
CVE-2025-7656

8.8HIGH

Key Information:

Vendor: Google
Status: Chrome
Vendor: CVE Published:; 15 July 2025

Badges

👾 Exploit Exists📰 News Worthy

What is CVE-2025-7656?

An integer overflow vulnerability in the V8 engine of Google Chrome prior to version 138.0.7204.157 can allow remote attackers to exploit heap corruption by crafting a malicious HTML page. This risk highlights the importance of maintaining updated browser versions and implementing robust security practices to protect against potential web-based exploits.

Affected Version(s)

Chrome 138.0.7204.157

News Articles

BleepingComputer

CVE-2025-7656

Cursor, Windsurf IDEs riddled with 94+ n-day Chromium vulnerabilities

The latest releases of Cursor and Windsurf integrated development environments are vulnerable to more than 94 known and patched security issues in the Chromium browser and the V8 JavaScript engine.

1 week ago

References

https://chromereleases.googleblog.com/2025/07/stable-chan...

https://issues.chromium.org/issues/425583995

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

👾
Exploit known to exist
Oct 21, 2025
📰
First article discovered by BleepingComputer
Oct 21, 2025
Vulnerability published
Jul 15, 2025
Vulnerability Reserved
Jul 14, 2025

JSON