Type Confusion Vulnerability in Google Chrome Product
CVE-2025-8011

8.8HIGH

Key Information:

Vendor: Google
Status: Chrome
Vendor: CVE Published:; 22 July 2025

What is CVE-2025-8011?

A type confusion vulnerability exists in the V8 engine of Google Chrome, which can be exploited remotely by an attacker through malicious HTML content. This flaw may lead to potential heap corruption, allowing for unauthorized actions within the browser environment. Users are urged to update to the latest versions to mitigate the risks associated with this security issue.

Affected Version(s)

Chrome 138.0.7204.168

References

https://chromereleases.googleblog.com/2025/07/stable-chan...

https://issues.chromium.org/issues/430572435

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 22, 2025
Vulnerability Reserved
Jul 21, 2025