Google releases security update for Chrome patching high severity V8 Engine flaws
Take action: If you are using Google Chrome or other Chromium based browsers (Edge, Brave, Vivaldi, Opera...) patch your browser. It's not a panic mode patch, but patching is a very wise choice.
Learn More
Google has released a security update for its Chrome browser, addressing three high-severity vulnerabilities that could allow attackers to leak sensitive information and cause system instability.
Vulnerabilities summary
CVE-2025-10890 (No CVSS score, Google severity High) - Side-channel information leakage vulnerability in the V8 JavaScript engine, allowing attackers to extract sensitive data from users’ browsing sessions by exploiting timing differences in code execution
CVE-2025-10891 (No CVSS score, Google severity High) - Integer overflow vulnerability in the V8 engine, identified by Google’s automated security research project, Big Sleep
CVE-2025-10892 (No CVSS score, Google severity High) - Integer overflow vulnerability in the V8 engine, identified by Google’s automated security research project, Big Sleep
Google’s security team emphasized that access to detailed bug information remains restricted until most users receive the security patches.
Chrome users should immediately update their browsers to protect against these vulnerabilities.
The update will roll out gradually over the coming days and weeks through Chrome’s automatic update mechanism.
Users can manually check for updates by navigating to Chrome’s settings menu and selecting “About Chrome.”
