Google Issues Emergency Patch For Billions Of Chrome Users To Fix Actively Exploited 0-Day

It has been a busy year for the Chrome development team, as they've had to contend with several zero-day security flaws. This latest set of vulnerabilities is of particular concern because Google has evidence of one of them being actively exploited by threat actors. Thankfully, a fix is beginning to roll out to users.

The first vulnerability, labeled as CVE-2025-13223, is a Type Confusion found in Chrome’s V8 JavaScript and Web Assembly engine. This kind of flaw occurs when a program uses a different data type than intended, for example trying to use an integer as a character. In this case, it can allow a "remote attacker to potentially exploit heap corruption via a crafted HTML page."

While Google has already witnessed this zero day being exploited in the wild, it’s still not divulging many details as it’s hoping to minimize the damage that can stem ...