Memory Handling Flaw in WebKitGTK Affects Multiple Versions
CVE-2025-66287

8.8HIGH

Key Information:

Vendor

The Webkitgtk Team

Status
Webkitgtk
Red Hat Enterprise Linux 7 Extended Lifecycle Support
Red Hat Enterprise Linux 8
Red Hat Enterprise Linux 8.2 Advanced Update Support
Vendor
CVE Published:
4 December 2025

What is CVE-2025-66287?

A vulnerability has been identified in WebKitGTK that arises from improper memory handling when processing malicious web content. This flaw could potentially lead to unexpected process crashes, severely impacting the usability and security of applications relying on WebKitGTK. Users are encouraged to review the relevant security advisories to understand the implications and take appropriate actions to mitigate risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Red Hat Enterprise Linux 7 Extended Lifecycle Support 0:2.50.3-2.el7_9

Red Hat Enterprise Linux 8 0:2.50.3-1.el8_10

Red Hat Enterprise Linux 8.2 Advanced Update Support 0:2.50.3-2.el8_2

References

https://access.redhat.com/errata/RHSA-2025:22789
vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:22790
vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:23110
vendor-advisoryx_refsource_REDHAT

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.