Pavel Kuzmin

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 140.0.7339.80 Microsoft Edge versions prior to 140.0.7339.80 **Description** A use-after-free issue exists in the V8 JavaScript engine used by Google Chrome and Microsoft Edge. This flaw could allow a remote attacker to exploit heap corruption through a specially crafted HTML page, potentially leading to arbitrary code execution or a denial-of-service condition. The vulnerability allows attackers to affect the system. An exploit for this issue has been developed, involving heap spraying techniques, though its reliability is not fully confirmed. A security researcher from Yandex Security Team discovered this issue within the Chromium project. **Recommendations** Update Google Chrome to version 140.0.7339.80 or later. Update Microsoft Edge to version 140.0.7339.80 or later.