High Published: Nov 06, 2025 Modified: Nov 13, 2025

CVE-2025-11206

7.1 CVSS SCORE

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

Description

Heap buffer overflow in Video in Google Chrome prior to 141.0.7390.54 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

CVSS Vector Details

Attack Vector Network

Attack Complexity Low

Privileges Required None

User Interaction Required

Scope Changed

Confidentiality Low

Integrity Low

Availability Low

Affected Software Configurations

a google chrome * * * * * * * *
o apple macos - * * * * * * *
o linux linux_kernel - * * * * * * *
o microsoft windows - * * * * * * *

Weaknesses (CWE)

CWE-122
CWE-787

References & External Links

https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_30.html
https://issues.chromium.org/issues/444755026

External Resources

NVD Official Record Exploit-DB Search Exploits CVE Details Statistics GitHub PoC / Tools X / Twitter Discussions Google Search More

← Back to CVE Tracker