Out of Bounds Memory Vulnerability in Google Chrome on Android
CVE-2025-12725

8.8HIGH

Key Information:

Vendor: Google
Status: Chrome
Vendor: CVE Published:; 10 November 2025

🔔 Create Google Vulnerability Alert

Badges

👾 Exploit Exists📰 News Worthy

What is CVE-2025-12725?

A vulnerability in Google Chrome on Android enables an out of bounds read in the WebGPU feature. This flaw allows attackers to manipulate memory regions and potentially execute unintended code through specially crafted HTML pages. Users of versions prior to 142.0.7444.137 are particularly at risk, making timely updates essential to mitigate potential exploitation.

Affected Version(s)

Chrome 142.0.7444.137

News Articles

The Cyber Express

Google Chrome 142 Fixes RCE Flaws CVE-2025-12725, 12727

Google’s Chrome 142 update patches critical RCE bugs, including CVE-2025-12725 in WebGPU and CVE-2025-12727 in V8. Users urged to update immediately.

thmubnail image

References

https://chromereleases.googleblog.com/2025/11/stable-chan...

https://issues.chromium.org/issues/443906252

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Nov 10, 2025
👾
Exploit known to exist
Nov 6, 2025
📰
First article discovered by The Cyber Express
Nov 6, 2025
Vulnerability Reserved
Nov 4, 2025

.

CVE-2025-12725 : Out of Bounds Memory Vulnerability in Google Chrome on Android