
CVE-2025-5419 Vulnerability: New Google Chrome Zero-Day Actively Exploited in the Wild – Source: socprime.com


Source: socprime.com – Author: Veronika Telychko

Hot on the heels of the critical SAP NetWeaver CVE-2025-31324 exploitation campaign active since April 2025, another zero-day vulnerability has come into the spotlight. Google recently issued emergency patches for three Chrome vulnerabilities, including one actively weaponized in in-the-wild attacks. The most critical, tracked as CVE-2025-5419, lets remote attackers trigger heap corruption using a crafted HTML page in versions prior to 137.0.7151.68.

According to Mandiant’s M-Trends 2025 Report, in 2024, attackers most frequently gained access to organizations by exploiting vulnerabilities. The growing prevalence of zero-day vulnerabilities and their exploitation calls into question the adequacy of existing security measures and underscores the urgency for more proactive defense strategies.

Sign up for the SOC Prime Platform to access a global active threats feed, delivering actionable threat intelligence and expertly curated detection content to help you quickly detect and mitigate real-world attacks leveraging critical zero-day vulnerabilities. Browse an extensive library of Sigma rules tagged by “CVE,” supported by a comprehensive product suite designed for reinforcing defenses at scale.

All detection rules are compatible with the industry-leading SIEM, EDR, and Data Lake technologies and are mapped to MITRE ATT&CK to help security engineers accelerate their threat research. The Platform empowers defenders to instantly access verified detection content enriched with CTI links, attack timelines, audit configurations, triage recommendations, and more actionable metadata. Click Explore Detections below to drill down to the relevant context-enriched detection algorithms for proactive defense against current and existing vulnerabilities filtered by the “CVE” tag:

Explore Detections

CVE-2025-5419 Analysis

CVE-2025-5419 is a new critical zero-day vulnerability: an out-of-bounds read/write flaw in Chrome’s V8 JavaScript and WebAssembly engine that enables remote attackers to trigger heap corruption via maliciously crafted HTML pages.

The flaw has been added to CISA’s Known Exploited Vulnerabilities (KEV) Catalog, confirming active exploitation in the wild. This high-severity vulnerability affects Chrome versions earlier than 137.0.7151.68 and poses serious security threats to millions of users globally.

The zero-day impacts a range of Chromium-based browsers, including Google Chrome, Microsoft Edge, Opera, and others. It stems from out-of-bounds memory access in the V8 engine, which may allow attackers to manipulate memory and potentially execute arbitrary code or escape the browser sandbox.

Google acted quickly to address the threat, deploying an initial CVE-2025-5419 mitigation via a configuration update across all Chrome platforms on May 28, 2025. This was followed by emergency patches, resolving the issue in Chrome versions 137.0.7151.68/.69 for Windows and Mac and 137.0.7151.68 for Linux. In its advisory, the vendor confirmed awareness of active exploitation of CVE-2025-5419, though specific attack details are being withheld until more users apply the update. This flaw marks the third Chrome zero-day vulnerability to be actively exploited in 2025, underscoring the ongoing and growing threat landscape facing modern web browsers.
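To turn the version boundary above into a patch-status check, the following added example (not part of the original post or any SOC Prime tooling) triages a browser inventory against the fixed Chrome build 137.0.7151.68. The inventory records, host names, and field names are constructed for illustration; other Chromium-based browsers are routed to manual review because the article does not state their fixed builds.

```python
# Added example: triage an inventory against the fixed Chrome build from the article.
FIXED_CHROME = (137, 0, 7151, 68)  # article: versions prior to 137.0.7151.68 are affected


def parse_version(text):
    """Parse a four-part Chromium-style version string; return None if malformed."""
    parts = text.strip().split(".")
    if len(parts) != 4 or not all(p.isdigit() for p in parts):
        return None
    return tuple(int(p) for p in parts)


def triage(record):
    """Classify one inventory record as 'vulnerable', 'patched', or 'review'."""
    version = parse_version(record.get("version", ""))
    if version is None:
        return "review"  # truncated or malformed version: do not guess
    if record.get("browser", "").lower() != "chrome":
        # Edge, Opera, etc. use their own version numbering; the fixed build
        # is not given in the article, so check the vendor advisory instead.
        return "review"
    # Compare numerically as tuples: a plain string comparison would rank
    # "137.0.7151.9" above "137.0.7151.68" and report it as patched.
    return "patched" if version >= FIXED_CHROME else "vulnerable"


def report(inventory):
    """Group host names by triage status."""
    result = {"vulnerable": [], "patched": [], "review": []}
    for rec in inventory:
        result[triage(rec)].append(rec["host"])
    return result


# Constructed sample inventory (hypothetical hosts and versions).
INVENTORY = [
    {"host": "ws-001", "browser": "Chrome", "version": "137.0.7151.68"},
    {"host": "ws-002", "browser": "Chrome", "version": "137.0.7151.9"},
    {"host": "ws-003", "browser": "Chrome", "version": "136.0.7103.114"},
    {"host": "ws-004", "browser": "Edge", "version": "137.0.3296.52"},
    {"host": "ws-005", "browser": "Chrome", "version": "137.0.7151"},
    {"host": "mac-006", "browser": "Chrome", "version": "137.0.7151.69"},
]

if __name__ == "__main__":
    for status, hosts in report(INVENTORY).items():
        print(f"{status}: {', '.join(hosts) or '-'}")
```

A version check reflects only the patched builds; it does not show whether the earlier configuration-update mitigation reached a given host.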

To keep a finger on the pulse of the evolving attack surface, organizations should be equipped with a future-proof toolkit that reinforces their overall cybersecurity posture. By leveraging SOC Prime Platform, built on zero-trust principles and backed by a cutting-edge fusion of technologies, AI, and automation capabilities, organizations can preempt and disrupt high-profile attacks at their early stages.


Original Post URL: https://socprime.com/blog/cve-2025-5419-zero-day-vulnerability/

Category & Tags: Blog, Latest Threats, CVE, CVE-2025-5419, Vulnerability, Zero-Day, ZeroDay
