Unrated severityCISA KEVNVD Advisory· Published Jun 30, 2025· Updated Oct 21, 2025
CVE-2025-6554
CVE-2025-6554
Description
Type confusion in V8 in Google Chrome prior to 138.0.7204.96 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)
Affected products
11- osv-coords9 versionspkg:apk/chainguard/chromiumpkg:apk/chainguard/chromium-docker-selenium-compatpkg:apk/chainguard/chromium-langpkg:apk/chainguard/chromium-qtpkg:apk/wolfi/chromiumpkg:apk/wolfi/chromium-docker-selenium-compatpkg:apk/wolfi/chromium-langpkg:apk/wolfi/chromium-qtpkg:rpm/opensuse/chromium&distro=openSUSE%20Tumbleweed
< 138.0.7204.92-r0+ 8 more
- (no CPE)range: < 138.0.7204.92-r0
- (no CPE)range: < 138.0.7204.92-r0
- (no CPE)range: < 138.0.7204.92-r0
- (no CPE)range: < 138.0.7204.92-r0
- (no CPE)range: < 138.0.7204.92-r0
- (no CPE)range: < 138.0.7204.92-r0
- (no CPE)range: < 138.0.7204.92-r0
- (no CPE)range: < 138.0.7204.92-r0
- (no CPE)range: < 138.0.7204.96-1.1
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.