Use After Free Vulnerability in Google Chrome Product by Google
CVE-2025-14372

6.1MEDIUM

Key Information:

Vendor: Google
Status: Chrome
Vendor: CVE Published:; 12 December 2025

What is CVE-2025-14372?

This vulnerability in Google Chrome's Password Manager involves a use after free flaw that can be exploited by a remote attacker through a specially crafted HTML page. The vulnerability raises concerns as it may allow attackers to escape the sandbox environment, potentially compromising the security of the user's system. Users are advised to update their browser to the latest version to mitigate this risk.

Affected Version(s)

Chrome 143.0.7499.110

References

https://chromereleases.googleblog.com/2025/12/stable-chan...

https://issues.chromium.org/issues/460599518

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Dec 12, 2025
Vulnerability Reserved
Dec 9, 2025

JSON