Use After Free Vulnerability in Google Chrome
CVE-2025-5063

8.8HIGH

Key Information:

Vendor: Google
Status: Chrome
Vendor: CVE Published:; 27 May 2025

🔔 Create Google Vulnerability Alert

Badges

📰 News Worthy

What is CVE-2025-5063?

A use-after-free vulnerability in the Compositing module of Google Chrome can allow remote attackers to exploit heap corruption by crafting and exploiting a malicious HTML page. Affected versions prior to 137.0.7151.55 are susceptible, underscoring the importance of keeping your browser updated to maintain security.

Affected Version(s)

Chrome 137.0.7151.55

News Articles

CVE-2025-5063 CVE-2025-5280

Chrome Security Patch Addresses High-Severity Vulnerabilities Enabling Code Execution

This update, version 137.0.7151.55/56, brings a host of security improvements, bug fixes, and technical enhancements.

1 month ago

thmubnail image

References

https://chromereleases.googleblog.com/2025/05/stable-chan...

https://issues.chromium.org/issues/411573532

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

📰
First article discovered by GBHackers News
May 28, 2025
Vulnerability published
May 27, 2025
Vulnerability Reserved
May 21, 2025

.

CVE-2025-5063 : Use After Free Vulnerability in Google Chrome