Privilege Escalation Vulnerability in Google Chrome Extensions
CVE-2025-3070

Currently unrated

Key Information:

Vendor: Google
Status: Chrome
Vendor: CVE Published:; 2 April 2025

Summary

A vulnerability exists in Google Chrome Extensions prior to version 135.0.7049.52, due to insufficient validation of untrusted input. This allows remote attackers to escalate privileges by sending specially crafted HTML content, potentially compromising the user's security and privacy. It is crucial to update to the latest version to mitigate the risks associated with this type of attack.

Affected Version(s)

Chrome 135.0.7049.52

References

https://chromereleases.googleblog.com/2025/04/stable-chan...

https://issues.chromium.org/issues/40086360

Timeline

Vulnerability published
Apr 2, 2025
Vulnerability Reserved
Mar 31, 2025