cbcvebase.
CVE-2025-10585
published 2025-09-24

CVE-2025-10585: Type confusion in V8 in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page…

PriorityP190critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
KEVITW
CISA Known Exploited Vulnerabilitydue 2025-10-14
Exploited in the wild
EPSS
5.42%
91.7th percentile
Type confusion in V8 in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Affected

9 ranges
VendorProductVersion rangeFixed in
chromiumchromium>= 0 < 140.0.7339.185-1~deb12u1140.0.7339.185-1~deb12u1
chromiumchromium>= 0 < 140.0.7339.185-1~deb13u1140.0.7339.185-1~deb13u1
chromiumchromium>= 0 < 140.0.7339.185-1140.0.7339.185-1
debianchromium< chromium 140.0.7339.185-1~deb12u1 (bookworm)chromium 140.0.7339.185-1~deb12u1 (bookworm)
googlechrome< 140.0.7339.185140.0.7339.185
googlechrome>= 140.0.7339.185 < 140.0.7339.185140.0.7339.185
googlechrome_chrome
msrcmicrosoft_edge
paloaltoprisma_browser

Detection & IOCsextracted from sources · hover to see the quote

  • Google TAG reported this zero-day; exploitation pattern is consistent with government-sponsored threat actors targeting high-risk individuals (opposition politicians, dissidents, journalists) via crafted HTML pages delivered remotely.
  • An in-the-wild exploit for CVE-2025-10585 has been confirmed by Google; treat any Chrome version prior to 140.0.7339.185 as actively exploitable.
  • The vulnerability is a type confusion in V8 triggered via a crafted HTML page; monitor for suspicious renderer process crashes or unusual V8 JIT activity that may indicate heap corruption attempts.
  • ·The fix is rolling out gradually to the Stable Desktop channel; not all users will receive it immediately, so endpoint version checks are necessary to confirm patch status.

CVSS provenance

nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
osv9.8CRITICAL
vulncheck9.8CRITICAL
cisa9.8CRITICAL
vendor_debian9.8CRITICAL
vendor_msrc9.8CRITICAL
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.