CVE-2025-9864 — Paloalto Prisma Browser vulnerability

4 documents4 sources

Severity

8.8HIGH

No vector

EPSS

No EPSS data

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Chromium Paloalto Prisma Browser Msrc Microsoft Edge

Timeline

PublishedSep 9

Latest updateOct 8

Description

Chromium: CVE-2025-9864 Use after free in V8 Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce…

Affected Packages3 packages

▶msrcmsrc/microsoft_edge

▶Debianchromium/chromium< 140.0.7339.80-1~deb12u1+2

▶Palo Altopaloalto/prisma_browser

🔴Vulnerability Details

OSV

CVE-2025-9864: Use after free in V8 in Google Chrome prior to 140↗2025-09-03

▶

📋Vendor Advisories

Palo Alto

PAN-SA-2025-0016 Chromium: Monthly Vulnerability Update (October 2025)↗2025-10-08

▶

Microsoft

Chromium: CVE-2025-9864 Use after free in V8↗2025-09-09

▶

🕵️Threat Intelligence

Bleepingcomputer

Microsoft September 2025 Patch Tuesday fixes 81 flaws, two zero-days↗2025-09-09

▶