**Name of the Vulnerable Software and Affected Versions:**

Google Chrome versions prior to 139.0.7258.138

Chromium versions prior to 139.0.7258.138

Debian Chromium versions prior to 139.0.7258.138-1~deb12u1 (bookworm)

Debian Chromium versions prior to 139.0.7258.138-1~deb13u1 (trixie)

**Description:**

An out-of-bounds write issue exists in the V8 JavaScript engine. This flaw allows a remote attacker to potentially exploit heap corruption via a crafted HTML page, potentially leading to remote code execution. The vulnerability was discovered by Big Sleep AI from Google DeepMind and Project Zero.

**Recommendations:**

Google Chrome versions prior to 139.0.7258.138: Update to version 139.0.7258.138 or later.

Chromium versions prior to 139.0.7258.138: Update to version 139.0.7258.138 or later.

Debian Chromium versions prior to 139.0.7258.138-1~deb12u1 (bookworm): Upgrade to version 139.0.7258.138-1~deb12u1 or later.

Debian Chromium versions prior to 139.0.7258.138-1~deb13u1 (trixie): Upgrade to version 139.0.7258.138-1~deb13u1 or later.