The now-resolved vulnerability in Google Chrome’s JavaScript Engine is not believed to have been actively exploited.
Google has fixed a new security flaw in Chrome for Windows, macOS, and Linux. According to the company, the vulnerability is not yet being actively exploited, but it has been labeled as ‘high risk’.
Discovered by AI Tool
The vulnerability (CVE-2025-12036) was discovered by Google Big Sleep, an AI system based on Gemini that autonomously detects security issues. It appears to be an implementation flaw in Chrome’s V8 JavaScript Engine, which is responsible for executing scripts in the browser. It’s novel that AI discovered this type of vulnerability without human intervention, indicating that Google is increasingly using automation in security research.
Chrome typically updates automatically when a new version is available. Those who want to do it manually can start the update via
Other Browsers to Follow
Other Chromium-based browsers such as Microsoft Edge, Brave, and Vivaldi will soon adopt the patch as well. According to Google, the vulnerability only occurs in Chromium 141. Nevertheless, the tech giant advises users to update their browser as soon as possible to avoid risks.