PT-2025-32955 · Google+4 · V8+5
0X10N
+1
·
Published
2025-08-12
·
Updated
2025-11-11
·
CVE-2025-8880
CVSS v2.0
10
High
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Google Chrome versions prior to 139.0.7258.127
Microsoft Edge (Chromium-based) versions prior to 139.0.7258.127
Description
A race condition exists in the V8 JavaScript engine component of Google Chrome and Microsoft Edge. This issue can allow a remote attacker to execute arbitrary code within a sandbox by crafting a malicious HTML page. The root cause is synchronization errors when using a shared resource. Exploitation of this issue could allow an attacker to bypass security measures and gain control of the affected system. There is no information available regarding the number of potentially affected devices or any real-world incidents where this issue has been exploited.
Recommendations
Update Google Chrome to version 139.0.7258.127 or later.
Update Microsoft Edge to version 139.0.7258.127 or later.
Fix
RCE
Race Condition
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Alt Linux
Astra Linux
Debian
Google Chrome
Red Os
V8