CVE-2025-13223

Name of the Vulnerable Software and Affected Versions Chromium versions prior to 142.0.7444.175 Opera versions prior to 124.0.5705.42 Opera GX versions prior to 124.0.5705.38 Opera Air versions prior to 122.0.5643.196 Opera Neon versions prior to 124.0.5705.44 Opera for Android versions prior to 92.6

Description A type confusion vulnerability exists in the V8 JavaScript and WebAssembly engine used in Chromium and Chromium-based browsers. This flaw allows a remote attacker to potentially exploit heap corruption via a crafted HTML page, potentially leading to arbitrary code execution. The vulnerability is actively exploited in the wild, and an exploit exists. The issue affects a wide range of systems, potentially impacting a large number of users. The vulnerability is related to improper handling of V8 objects, creating a path for remote code execution.

Recommendations Update Chromium to version 142.0.7444.175 or later. Update Opera to version 124.0.5705.42 or later. Update Opera GX to version 124.0.5705.38 or later. Update Opera Air to version 122.0.5643.196 or later. Update Opera Neon to version 124.0.5705.44 or later. Update Opera for Android to version 92.6 or later.