Blog Trainings Request a Demo Login
Get Your Free Report
Start for Free
SOCRadar® Cyber Intelligence Inc. | CVE-2025-10585: New Chrome V8 Zero-Day Exploited in the Wild
Sep 18, 2025
2 Mins Read
Moon

CVE-2025-10585: New Chrome V8 Zero-Day Exploited in the Wild

Google has released a security update for Chrome users, involving a serious vulnerability that is exploited in the wild. The flaw, identified as CVE-2025-10585, affects the V8 JavaScript and WebAssembly engine that powers core browser functionality. If you use Chrome, or any Chromium-based browser like Edge or Brave, this is a patch you do not want to ignore.

What Is CVE-2025-10585?

CVE-2025-10585 is a newly discovered zero-day vulnerability caused by a type confusion issue in Chrome’s V8 engine, which handles JavaScript and WebAssembly code execution. Google has rated it as “high severity” and confirmed that it’s being actively exploited – this type of flaw could allow attackers to crash the browser, or even execute arbitrary code.

Google’s Threat Analysis Group (TAG) reported the vulnerability on September 16, just one day before the advisory was published. Technical specifics are currently withheld to prevent further abuse before users update.

Other Security Fixes in This Update

CVE-2025-10585 was not the only fix rolled out. The September 17 Stable Channel update also patched three other high-severity vulnerabilities:

  • CVE-2025-10500: Use-after-free bug in Dawn
  • CVE-2025-10501: Use-after-free issue in WebRTC.
  • CVE-2025-10502: Heap buffer overflow in ANGLE

While none of these were confirmed as exploited, their severity ratings make them just as important to patch.

SOCRadar’s Vulnerability Intelligence

SOCRadar’s Vulnerability Intelligence

When new vulnerabilities are disclosed, or before they become widely known, security teams need more than patch notes. They need context. SOCRadar’s Cyber Threat Intelligence (CTI) module delivers real-time insights into the latest CVEs, confirmed exploit activity, and attacker behaviors.

With Vulnerability Intelligence, you can quickly understand which flaws matter most to your environment, prioritize fixes, and reduce exposure before adversaries make their move.

Update Chrome Now to Stay Protected

To stay protected, make sure your browser is up to date and monitor for related vulnerability disclosures. Regularly updating Chrome or any Chromium-based browser is essential, as fixes are rolled out through version updates.

The patched versions are:

  • 140.0.7339.185/.186 for Windows and macOS
  • 140.0.7339.185 for Linux

For more information, visit the official Google advisory.

Table Of Content
Related Articles
SOCRadar® Cyber Intelligence Inc. | CVE-2025-48595: June 2026 Android Security Update Fixes Framework Zero-Day
CVE-2025-48595: June 2026 Android Security Update Fixes Framework Zero-Day
Jun 03, 2026
SOCRadar® Cyber Intelligence Inc. | Charter Data Breach: ShinyHunters Claims 42 Million Records Stolen on the Dark Web
Charter Data Breach: ShinyHunters Claims 42 Million Records Stolen on the Dark Web
May 29, 2026
SOCRadar® Cyber Intelligence Inc. | April 2026: ShinyHunters Hits Medtronic and ADT as North Korean Hackers Drain DeFi Protocols
April 2026: ShinyHunters Hits Medtronic and ADT as North Korean Hackers Drain DeFi Protocols
May 29, 2026
SOCRadar® Cyber Intelligence Inc. | TrapDoor: Malicious npm, PyPI, Crates.io Packages Target Developer Secrets & AI Tooling
TrapDoor: Malicious npm, PyPI, Crates.io Packages Target Developer Secrets & AI Tooling
May 25, 2026
SOCRadar® Cyber Intelligence Inc. | CVE-2026-20223: Cisco Secure Workload Auth Bypass Grants Site Admin Access
CVE-2026-20223: Cisco Secure Workload Auth Bypass Grants Site Admin Access
May 22, 2026
Free Dark Web Report
Is your Domain Exposed? Find Out.