1. Home
  2. Mapping Frameworks
  3. Known Exploited Vulnerabilities Home
  4. Google Chromium V8 Type Confusion Vulnerability

Known Exploited Vulnerabilities CVE-2025-6554

Google Chromium V8 contains a type confusion vulnerability that could allow a remote attacker to perform arbitrary read/write via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name Notes
CVE-2025-6554 Google Chromium V8 Type Confusion Vulnerability exploitation_technique T1203 Exploitation for Client Execution
Comments
Victims are tricked into visiting malicious web pages crafted to trigger memory corruption, which can lead to arbitrary code execution.
References
  1. https://www.secpod.com/blog/google-issues-emergency-fix-for-actively-exploited-chrome-zero-day-cve-2025-6554/
  2. https://thehackernews.com/2025/07/google-patches-critical-zero-day-flaw.html https://www.menlosecurity.com/blog/chrome-zero-day-why-browser-security-is-no-longer-optional?utm_source=feedly
CVE-2025-6554 Google Chromium V8 Type Confusion Vulnerability exploitation_technique T1189 Drive-by Compromise
Comments
Victims are tricked into visiting malicious web pages crafted to trigger memory corruption, which can lead to arbitrary code execution.
References
  1. https://www.secpod.com/blog/google-issues-emergency-fix-for-actively-exploited-chrome-zero-day-cve-2025-6554/
  2. https://thehackernews.com/2025/07/google-patches-critical-zero-day-flaw.html https://www.menlosecurity.com/blog/chrome-zero-day-why-browser-security-is-no-longer-optional?utm_source=feedly
CVE-2025-6554 Google Chromium V8 Type Confusion Vulnerability primary_impact T1059 Command and Scripting Interpreter
Comments
Victims are tricked into visiting malicious web pages crafted to trigger memory corruption, which can lead to arbitrary code execution.
References
  1. https://www.secpod.com/blog/google-issues-emergency-fix-for-actively-exploited-chrome-zero-day-cve-2025-6554/
  2. https://thehackernews.com/2025/07/google-patches-critical-zero-day-flaw.html https://www.menlosecurity.com/blog/chrome-zero-day-why-browser-security-is-no-longer-optional?utm_source=feedly