What the vulnerability does

01Description

Type Confusion in V8 in Google Chrome prior to 137.0.7151.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

Key dates

02Disclosure timeline

June 11, 2025 CVE published
February 26, 2026 Record updated