{"id":79380,"date":"2025-09-30T17:03:33","date_gmt":"2025-09-30T17:03:33","guid":{"rendered":""},"modified":"2025-10-21T00:34:08","modified_gmt":"2025-10-21T06:34:08","slug":"cve-2025-10890-high-severity-side-channel-information-leakage-in-v8-of-google-chrome","status":"publish","type":"post","link":"https:\/\/www.ameeba.com\/blog\/cve-2025-10890-high-severity-side-channel-information-leakage-in-v8-of-google-chrome\/","title":{"rendered":"CVE-2025-10890: High Severity Side-Channel Information Leakage in V8 of Google Chrome<\/strong>"},"content":{"rendered":"

Overview<\/strong><\/p>\n

CVE-2025-10890 is a high severity vulnerability that exists in the V8 JavaScript engine of Google Chrome versions prior to 140.0.7339.207. This flaw allows an attacker to leak cross-origin data, providing them with potentially sensitive information which can be exploited for further attacks. The vulnerability is of particular concern to all Google Chrome<\/a> users, including individuals and organizations, due to its high severity rating and the widespread use of the browser.
\nThe discovery of this vulnerability highlights the constant vigilance required in the cybersecurity landscape, as even widely used and trusted platforms like Google Chrome can host critical vulnerabilities<\/a>. This vulnerability is considered highly critical because of the potential<\/a> for system compromise or data leakage, which can lead to significant losses and damages if exploited.<\/p>\n

Vulnerability Summary<\/strong><\/p>\n

CVE ID: CVE-2025-10890
\nSeverity: High (CVSS: 9.1)
\nAttack Vector: Remote
\nPrivileges Required: None
\nUser Interaction: Required
\nImpact: Potential system<\/a> compromise or data leakage<\/p>\n

Affected Products<\/strong><\/p>

\r\n

\r\n \r\n \"Ameeba\r\n <\/a>\r\n A new way to communicate\r\n <\/h2>\r\n\r\n

\r\n Ameeba Chat is built on encrypted identity, not personal profiles.\r\n <\/p>\r\n\r\n

\r\n Message, call, share files, and coordinate with identities kept separate.\r\n <\/p>\r\n\r\n