CVE-2025-6558

HIGH KEV

Google Chrome <138.0.7204.157 - RCE

Title source: llm

Description

Insufficient validation of untrusted input in ANGLE and GPU in Google Chrome prior to 138.0.7204.157 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

Exploits (2)

nomisec STUB 7 stars
by DevBuiHieu · client-side
https://github.com/DevBuiHieu/CVE-2025-6558-Proof-Of-Concept

nomisec WRITEUP 1 star
by gmh5225 · poc
https://github.com/gmh5225/CVE-2025-6558-exp

Scores

CVSS v3 8.8
EPSS 0.0022
EPSS Percentile 44.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CISA KEV 2025-07-22
VulnCheck KEV 2025-07-15
ENISA EUVD EUVD-2025-21546
CWE CWE-20
Status published
Products (10)
apple/ipados < 18.6
apple/iphone_os < 18.6
apple/macos < 15.6
apple/safari < 18.6
apple/visionos < 2.6
apple/watchos < 11.6
debian/debian_linux 11.0
google/chrome < 138.0.7204.157
webkitgtk/webkitgtk < 2.48.0
wpewebkit/wpe_webkit < 2.48.0
Published Jul 15, 2025
KEV Added Jul 22, 2025
Tracked Since Feb 18, 2026