Google released an urgent Chrome 142 update to fix a critical zero-day vulnerability (CVE-2025-13223) that is actively exploited in the wild. The flaw involves a type confusion issue in the V8 engine, potentially allowing remote code execution. #CVE-2025-13223 #V8Engine
Keypoints
- A zero-day vulnerability in Chrome was exploited in the wild, prompting an emergency update.
- The flaw, tracked as CVE-2025-13223, is a high-severity type confusion bug in the V8 JavaScript engine.
- Exploitation could lead to crashes, remote code execution, and malicious operations via crafted HTML pages.
- Googleβs Threat Analysis Group identified the bug, which may have been targeted by commercial spyware vendors.
- This is the seventh zero-day fixed in Chrome this year, with recent updates also fixing additional high-severity vulnerabilities.
Read More: https://www.securityweek.com/chrome-142-update-patches-exploited-zero-day/