Chromium’s V8 engine received a recent security entry — CVE‑2025‑11215 — described as an off‑by‑one error in V8, and it appears in Microsoft’s Security Update Guide because Microsoft Edge (Chromium‑based) consumes Chromium’s open‑source code; the Security Update Guide records upstream Chromium...
Google’s September stable update for Chrome closed a notable Use‑After‑Free (UAF) in the Dawn WebGPU implementation — tracked as CVE‑2025‑10500 — alongside several other high‑severity graphics and engine fixes; Windows users and administrators running Microsoft Edge (Chromium‑based) should treat...
A high-severity memory-corruption flaw in Chromium’s V8 JavaScript engine, tracked as CVE-2025-9132, has been patched in the Chrome 139 stable update; the vulnerability is an out‑of‑bounds write that can lead to heap corruption and, in the worst case, remote code execution when a user visits a...
A race condition in V8, tracked as CVE‑2025‑8880, was disclosed by the Chromium team and fixed upstream in Chrome Stable — the flaw could allow a remote attacker to execute code inside the browser sandbox via a crafted webpage, and Chromium-based browsers (including Microsoft Edge) are advised...
Chromium’s CVE-2025-1914: Out-of-Bounds Read in V8 and What It Means for Windows Users
In a recent security update, a critical vulnerability—CVE-2025-1914—has been identified in Chromium’s V8 JavaScript engine. This out-of-bounds read issue, first assigned by Chrome, has far-reaching...