Heap Corruption Vulnerability in Google Chrome
CVE-2025-5283

5.4MEDIUM

Key Information:

Vendor

Google

Status
Vendor
CVE Published:
27 May 2025

Badges

👾 Exploit Exists📰 News Worthy

What is CVE-2025-5283?

A use after free vulnerability in the libvpx component of Google Chrome allows remote attackers to cause heap corruption through specially crafted HTML content. This could enable the execution of arbitrary code or other undesired behaviors, posing a significant security risk to users who visit affected web pages. Users are advised to upgrade to the latest version of Google Chrome to mitigate this threat.

Affected Version(s)

Chrome 137.0.7151.55

News Articles

VulDB Recent Entries | Security

CVE-2025-5283 | Google Chrome up to 136.0.7103.113 libvpx use after free (Nessus ID 237344)(link is external) 11 hours 7 minutes ago A vulnerability was found in Google Chrome and...

5 days ago

References

CVSS V3.1

Score:
5.4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • 👾

    Exploit known to exist

  • 📰

    First article discovered by elvis.hk

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2025-5283 : Heap Corruption Vulnerability in Google Chrome