On Monday, Google released fixes outside the range to address three security issues in his Chrome browser, including the one that, he said, was actively operating in the wild.
The lack of high speed is tracked as Cve-2025-5419And it was labeled both outside the reading and recording vulnerability in the V8 JavaScript and Webassembly engine.
“Read and write on the V8 on Google Chrome to 137.0.7151.68 allowed a remote attacker to potentially use corruption piles through the created HTML page,” – said description Errors in the National Vulnerability Base Nist (NVD).
Google counted Clement Lecin and Benuta seven of a group of threats (TAG), discovering and reporting on May 27, 2025. He also noted that the issue was resolved the next day, sliding the configuration to a stable browser version on all platforms.
As usual, the advisory coverage details regarding the nature of the attacks that use the vulnerability or identity of the threatening subjects that commit them. This is done so as to make sure that most users are updated and prevent other bad actors join in operation.
“Google knows that in the wild there is a feat for Cve-2025-5419,” Tech Giant ” recognized.
Cve-2025-5419-this is the second actively operated zero day that Google this year was fixed Google this year Cve-2025-2783 (CVSS assessment: 8.3), which Caspersky was defined as armed with attacks aimed at organizing in Russia.
Users are advised to upgrade to the Chrome version 137.0.7151.68/69 for Windows and MacOS, as well as version 137.0.7151.68 for Linux to save from potential threats. Chromium -based browsers, such as Microsoft Edge, Brave, Opera and Vivaldi, are also recommended to apply fixes when they become available.