- Home
- Alerts & Advisories
- Alerts
- Active Exploitation of Zero-Day Vulnerability in Google Chrome
Active Exploitation of Zero-Day Vulnerability in Google Chrome
1 July 2025
Google has released security updates to address a zero-day vulnerability in its Chrome browser. Users and administrators of affected products are advised to update to the latest versions immediately.
Background
Google has released security updates addressing a zero-day vulnerability (CVE-2025-6554) in their Chrome browser.
Impact
Successful exploitation of the type confusion vulnerability in Google Chrome's V8 JavaScript could allow a remote attacker to perform arbitrary read/write operations through a crafted HTML page.
Known Exploitation
This vulnerability is reportedly being actively exploited.
Affected Products
This vulnerability affects versions of Google Chrome prior to 138.0.7204.96/.97 for Windows, 138.0.7204.92/.93 for Mac and 138.0.7204.96 for Linux.
Mitigation
Users of Chrome browsers are advised to upgrade their browser to the latest versions.
Users are also encouraged to enable automatic updates in Chrome browser to ensure that their software is updated promptly.
References
https://nvd.nist.gov/vuln/detail/CVE-2025-6554
https://chromereleases.googleblog.com/2025/06/stable-channel-update-for-desktop_30.html
https://cybersecuritynews.com/chrome-0-day-vulnerability-exploited/