CVE-2025-13223

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 142.0.7444.175

Description A type confusion error exists in the V8 JavaScript engine, which is the component that handles JavaScript execution. Type confusion occurs when a program accesses a resource using an incompatible data type, leading to logic errors. This flaw allows a remote attacker to cause heap corruption—a condition where memory files in active use are not stored properly—by enticing a user to visit a specially crafted HTML page. Successful exploitation can lead to remote code execution, denial of service, or information disclosure, such as the scraping of account names, passwords, and browsing history. This issue has been actively exploited in the wild.

Recommendations Update to version 142.0.7444.175 or later.