New Zero-Day CVE-2025-10585 Exploit in Chrome's V8 Engine

Edward Zhou

CEO & Co-Founder

 
October 23, 2025 3 min read

TL;DR

A critical zero-day vulnerability, CVE-2025-10585, has been found in Chrome's V8 JavaScript engine and is actively exploited. This flaw allows attackers to execute malicious code on user systems by luring them to compromised websites. Google has released an urgent update to patch this and other vulnerabilities. Ensure your Chrome browser and other Chromium-based browsers are updated immediately to prevent potential compromise.

Chrome V8 Zero-Day Vulnerability: CVE-2025-10585

A new zero-day vulnerability, CVE-2025-10585, has been discovered in Google Chrome's V8 JavaScript and WebAssembly engine and is actively being exploited in the wild. This high-severity type confusion flaw allows attackers to execute malicious code on victims' systems by luring them to compromised websites with crafted JavaScript.

Technical Details of CVE-2025-10585

CVE-2025-10585 is a type confusion vulnerability in the V8 JavaScript engine that can lead to arbitrary code execution. Type confusion occurs when the engine handles a value as a different type than it actually is, which leads to memory corruption and potential control of the browser. Google's Threat Analysis Group discovered the flaw on September 16, 2025. Technical and exploitation details are being withheld to prevent further abuse before users can apply the patch. Type confusion vulnerabilities have been exploited in the past through websites with specially crafted JavaScript code that triggers the vulnerability when users visit them.

Impact and Exploitation

Successful exploitation of CVE-2025-10585 allows remote attackers to execute arbitrary code on the user's computer by tricking the user into visiting a malicious website whose crafted JavaScript triggers the type confusion and corrupts memory in V8. Google's advisory confirms that an exploit for CVE-2025-10585 exists in the wild, marking it as the sixth zero-day in Chrome this year to be actively exploited.

Affected Versions and Updates

The vulnerability affects Google Chrome versions prior to:

  • Chrome 140.0.7339.185/.186 on Windows and macOS
  • Chrome 140.0.7339.185 on Linux

Users are advised to update to the latest versions to mitigate the risk. The update also patches three other high-severity vulnerabilities, including CVE-2025-10500, a use-after-free bug in the Dawn WebGPU implementation. Users of other Chromium-based browsers, such as Microsoft Edge, Brave, Opera, and Vivaldi, should also install the corresponding security updates as soon as they are released.
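To turn the version floor above into a fleet check, the following added example (not code from this article or from Google) classifies browser inventory records against the fixed build 140.0.7339.185. The function names, hostnames and sample version strings are constructed for illustration; other Chromium-based browsers are only flagged for follow-up because their fixed builds are not given here.

```python
import re

# Fixed build from the advisory text above; the same floor applies to
# Windows, macOS and Linux (.186 is an alternate Windows/macOS build).
FIXED = (140, 0, 7339, 185)
VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)\.(\d+)")
# Chromium-based browsers the article names; their fixed builds are not
# given on the page, so they are reported for manual follow-up.
OTHER_CHROMIUM = ("edge", "brave", "opera", "vivaldi")


def parse_version(text):
    """Extract a 4-part version tuple from e.g. `google-chrome --version` output."""
    m = VERSION_RE.search(text or "")
    return tuple(int(p) for p in m.groups()) if m else None


def classify(product, version_text):
    """Return 'patched', 'vulnerable', 'check-vendor' or 'unknown'."""
    name = product.lower()
    if any(b in name for b in OTHER_CHROMIUM):
        return "check-vendor"
    if "chrome" not in name:
        return "unknown"
    version = parse_version(version_text)
    if version is None:
        return "unknown"  # unparseable: needs manual investigation
    # Compare as integer tuples; string comparison would rank ".99" above ".185".
    return "patched" if version >= FIXED else "vulnerable"


def audit(inventory):
    """Map host -> status for (host, product, version_text) records."""
    return {host: classify(product, ver) for host, product, ver in inventory}


# Constructed sample inventory (hostnames and versions are made up).
SAMPLE = [
    ("ws-001", "Google Chrome", "Google Chrome 140.0.7339.185 "),
    ("ws-002", "Google Chrome", "140.0.7339.127"),
    ("mac-07", "Google Chrome", "Google Chrome 140.0.7339.186"),
    ("lin-03", "Google Chrome", "Google Chrome 139.0.7258.154"),
    ("ws-004", "Microsoft Edge", "140.0.3485.66"),
    ("ws-005", "Google Chrome", "n/a"),
]

if __name__ == "__main__":
    for host, status in audit(SAMPLE).items():
        print(f"{host}: {status}")
```

Hosts reported as `unknown` or `check-vendor` should be handled as unpatched until a version is confirmed.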

Mitigation and Detection Strategies

To mitigate the risks associated with CVE-2025-10585, users should update Chrome to the latest version. Organizations should prioritize patching and apply extra safeguards until all systems are updated. SOC Prime offers detection tools and Sigma rules to identify exploitation attempts.

General detection methods include:

  • Monitoring for unusual outbound connections from Chrome processes.
  • Using Endpoint Detection and Response (EDR) solutions to observe abnormal behaviors.
  • Regularly reviewing system and application logs for error messages related to the V8 engine.

Related Vulnerabilities and Security Practices

This is the sixth actively exploited Chrome zero-day this year. Other recent vulnerabilities include CVE-2025-5419 and CVE-2025-6558. Users should avoid clicking on suspicious links in emails or on websites. Running a dedicated security solution on all devices is also recommended. Staying updated with the latest security patches is crucial, even for those who may not consider themselves high-risk targets.

Edward Zhou
CEO & Co-Founder of Gopher Security, leading the development of Post-Quantum cybersecurity technologies and solutions.
