Overview
- CERT-In has classified multiple security flaws in Google Chrome as high risk in vulnerability note CIVN-2025-0130.
- The vulnerabilities originate from an integer overflow in the V8 engine and use-after-free errors in the Profiler component.
- Exploitation of these bugs could enable remote code execution, denial of service or unauthorized disclosure of sensitive data.
- Google has released Chrome version 137.0.7151.119 for Linux and 137.0.7151.119/.120 for Windows and macOS to address the issues.
- Users should update immediately via Help > About Google Chrome and verify that automatic updates are enabled to receive future security fixes.