Severity
High
Analysis Summary
CVE-2025-10890 CVSS:8.1
Google Chrome could allow a remote attacker to obtain sensitive information, caused by a side-channel information leakage in V8.
CVE-2025-10891 CVSS:8.8
Google Chrome could allow a remote attacker to execute arbitrary code on the system, caused by an integer overflow in V8.
Impact
- Information Disclosure
- Code Execution
Indicators of Compromise
CVE
CVE-2025-10890
CVE-2025-10891
Affected Vendors
Affected Products
- Google Chrome - 140.0
Remediation
Upgrade to the latest version of Google Chrome, available from the Google Chrome Releases Website.