Heap Buffer Overflow in Google Chrome Affects ANGLE Component
CVE-2025-10502

8.8HIGH

Key Information:

Vendor: Google
Status: Chrome
Vendor: CVE Published:; 24 September 2025

What is CVE-2025-10502?

A heap buffer overflow vulnerability exists in the ANGLE component of Google Chrome versions before 140.0.7339.185. This flaw could allow remote attackers to exploit the affected software via crafted network traffic, potentially leading to heap corruption. Users are advised to update their browsers to mitigate the risks associated with this vulnerability.

Affected Version(s)

Chrome 140.0.7339.185

References

https://chromereleases.googleblog.com/2025/09/stable-chan...

https://issues.chromium.org/issues/438038775

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 24, 2025
Vulnerability Reserved
Sep 16, 2025

JSON