CVE-2025-0997

CVSS 3.1 Score 8.1 of 10 (high)

Details

Published Feb 15, 2025

Updated: Feb 19, 2025

CWE ID 416

Summary

CVE-2025-0997 is a high-severity vulnerability affecting Google Chrome versions prior to 133.0.6943.98. This issue involves a use-after-free condition in the Navigation component, which can be exploited by a remote attacker. By creating a specially crafted Chrome Extension, an adversary could potentially induce heap corruption and gain unauthorized control over the affected system. Users are advised to update Google Chrome to the latest version to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Google Chrome

Affected Vendors

Google

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/3CMBp7
https://www.cve.org/CVERecord?id=CVE-2025-0997
https://nvd.nist.gov/vuln/detail/CVE-2025-0997

Back to Vulnerability Database