Privilege Escalation Vulnerability in Google Chrome on Windows
CVE-2025-12726

7.5HIGH

Key Information:

Vendor: Google
Status: Chrome
Vendor: CVE Published:; 10 November 2025

What is CVE-2025-12726?

A vulnerability in the implementation of Views in Google Chrome on Windows allows attackers to escalate privileges by exploiting a crafted HTML page within the compromised renderer process. This flaw can be utilized to potentially gain unauthorized access and control over system resources, posing a significant security risk for users of affected Chrome versions prior to 142.0.7444.137.

Affected Version(s)

Chrome 142.0.7444.137

References

https://chromereleases.googleblog.com/2025/11/stable-chan...

https://issues.chromium.org/issues/447172715

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 10, 2025
Vulnerability Reserved
Nov 4, 2025

JSON