Particle.news
Download on the App Store
3 ARTICLES
·
11h ago

Emergency Chrome and Edge Patches Roll Out as CISA Sets June 26 Deadline

The patches fix an active V8 vulnerability threatening heap corruption across Chromium browsers

Image
Google Chrome

Overview

  • Google deployed its emergency Chrome update on June 3 after mitigating the flaw with a configuration change on May 28
  • Microsoft released a corresponding Edge patch to address CVE-2025-5419 following Google’s advisory
  • CVE-2025-5419 is an out-of-bounds read/write in V8 that can enable remote heap-corruption exploits via crafted HTML pages
  • The emergency release also corrects CVE-2025-5068, a use-after-free memory bug in Blink disclosed by an external researcher
  • CISA has ordered all federal staff to install Chromium browser updates or stop using the software by June 26 to counter active exploits