Impact
A race condition in the V8 engine of Google Chrome allows a crafted HTML page to trigger type confusion. The inputs do not state the exact exploitation result, but type confusion can lead to memory corruption, potentially enabling remote code execution (inferred) or privilege escalation. The weakness corresponds to CWE-362 and CWE-843. The vulnerability is rated high severity by Chromium security.
Affected Systems
All users of Google Chrome versions prior to 144.0.7559.99 are affected. This includes the stable channel releases of Chrome available on desktop platforms. No specific operating system or architecture is limited in the description.
Risk and Exploitability
The CVSS score is 7.5, indicating a high severity. The attack is remote, relies on a malicious HTML page delivered over the network, and requires the user to load the page in an affected version of Chrome. The EPSS score is <1%, suggesting that exploitation probability is low. The vulnerability is not listed in the CISA KEV catalog, suggesting that no publicly available exploits have been documented at the time of this analysis.
OpenCVE Enrichment
Debian DSA