Google has released an emergency update for its Chrome browser to patch three security vulnerabilities, including CVE-2025-5419, a high-severity flaw in the V8 JavaScript engine that is already being actively exploited. The vulnerability, an out-of-bounds read and write issue, could allow remote attackers to corrupt the heap via a crafted HTML page; users are urged to update to Chrome version 137.0.7151.68/.69 immediately, with Chromium-based browser users also advised to apply the fixes as they become available.
Google has released an out-of-band security update for its Chrome browser, addressing three vulnerabilities, including the high-severity flaw CVE-2025-5419 (CVSS score: 8.8). This specific vulnerability, an out-of-bounds read and write issue in the V8 JavaScript and WebAssembly engine, is reportedly under active exploitation, potentially allowing remote attackers to achieve heap corruption via a crafted HTML page. Google's Threat Analysis Group identified the flaw on May 27, 2025, and a fix was rapidly deployed via a configuration change the following day. This incident marks the second actively exploited zero-day vulnerability patched by Google for Chrome in the current year, highlighting ongoing cybersecurity challenges. While Google is limiting disclosure on the exploit details, a standard procedure to facilitate widespread user patching, the news has generated a moderately negative sentiment for Alphabet (GOOGL/GOOG at -0.5) and a cautious market tone overall, though the direct market impact score is low at 0.25. Users of other Chromium-based browsers, including Microsoft Edge and Opera, are also advised to apply updates as they become available, indicating a broader ecosystem impact beyond Google's direct user base.
AI-powered research, real-time alerts, and portfolio analytics for institutional investors.
Overall Sentiment
moderately negative
Sentiment Score
-0.35
Ticker Sentiment
