Chrome V8 Engine Vulnerability Could Enable Remote Code Execution Attacks

Threat: Vulnerability

Targeted Region: Global

Targeted Sector: Technology & IT

Criticality: High

EXECUTIVE SUMMARY:

A high-severity flaw has been addressed CVE-2025-12036 in Google Chrome releases for Windows, macOS, and Linux, targeting the V8 JavaScript engine. This flaw could allow a crafted web page to execute arbitrary code in the browsers renderer process, risking data exposure, sandbox escape, or privilege escalation. It should update immediately to the latest version. Organizations must prioritize fleet-wide deployment, apply browser hardening and least-privilege controls, monitor for unusual renderer crashes or suspicious web payloads, and ensure endpoint detection and isolation policies are prepared to contain potential exploit attempts. The vulnerability has a CVSS score of 7.5.

RECOMMENDATION:

We strongly recommend you update Google Chrome for Linux to version 141.0.7390.122 and for Windows, macOS to version 141.0.7390.122/.123.

REFERENCES:

The following reports contain further technical details:

https://securityonline.info/chrome-update-new-high-severity-flaw-in-v8-engine-cve-2025-12036-requires-immediate-patch/

Recent Advisories

Critical Command Injection Vulnerabilities Discovered in TP-Link Omada Gateway Devices

October 21, 2025

Squid Vulnerability Exposes HTTP Authentication Credentials to Attackers Remotely

October 20, 2025

WaterPlum APT Targets Crypto Job Seekers Through ClickFake Interviews with OtterCandy Malware

October 20, 2025

Critical Keras 3 RCE Flaw Allows Code Execution on Model Load

October 20, 2025

Chrome V8 Engine Vulnerability Could Enable Remote Code Execution Attacks

Recent Advisories

Report an Incident