Heap Corruption Vulnerability in Media Component of Google Chrome
CVE-2025-5958

8.8HIGH

Key Information:

Vendor

Google
Status
Chrome
Vendor
CVE Published:
11 June 2025

Badges

๐Ÿ‘พ Exploit Exists๐Ÿ“ฐ News Worthy

What is CVE-2025-5958?

A use after free vulnerability in the Media component of Google Chrome prior to version 137.0.7151.103 could allow a remote attacker to exploit heap corruption. By crafting a malicious HTML page, an attacker may disrupt memory management practices, posing significant risks to user security and privacy.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Chrome 137.0.7151.103

News Articles

favicon imageGBHackers News

Multiple Chrome Flaws Enable Remote Code Execution by Attackers

The rollout will take place gradually over the coming days and weeks, ensuring smooth deployment and minimal disruption for users.

favicon imageCyber Press

Multiple Chrome Vulnerabilities Enable Remote Code Execution by Attackers

Google has released an security update for its Chrome browser to address two critical vulnerabilities that could potentially allow attackers to execute malicious code.

References

https://chromereleases.googleblog.com/2025/06/stable-chan...
https://issues.chromium.org/issues/420150619

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • ๐Ÿ‘พ

    Exploit known to exist

  • ๐Ÿ“ฐ

    First article discovered by Cyber Press

  • Vulnerability published

  • Vulnerability Reserved

JSON
.