CVE-2025-8292

CVE-2025-8292

Information

CVE_ID              : CVE-2025-8292
Severity            : HIGH
Published        : 2025-07-30T02:17:37.720
LastModified  : 2025-08-01T14:37:02.543
Updated          : 2025-08-01T14:37:02.543
Status              : Analyzed

Descriptions:

Use after free in Media Stream in Google Chrome prior to 138.0.7204.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)


Know Exploitability

Exploitability : False

Vendor Affected

apple

google

linux

microsoft

CVE-2025-8292

V4.0

V3.1

Score : 8.8
Severity : HIGH
Attack Vector : NETWORK
Attack Complexity : LOW
Privileges Required : NONE
User Interaction : REQUIRED
Scope : UNCHANGED
Confidentiality Impact : HIGH
Integrity Impact : HIGH
Availability Impact : HIGH
Exploitability : 2.8
Impact Score : 5.9

V3.0

V2.0

References

https://chromereleases.googleblog.com/2025/07/stable-channel-update-for-desktop_29.html

https://issues.chromium.org/issues/426054987

Vendor Product
google
  • chrome*****
apple
  • macos-****
linux
  • linux_kernel-****
microsoft
  • windows-****