AI description
CVE-2025-10200 is a use-after-free vulnerability found in the Serviceworker component of Google Chrome. This flaw could be exploited by a remote attacker to potentially cause heap corruption. The vulnerability can be triggered when a program attempts to use memory after it has been deallocated. To exploit this, an attacker could craft a malicious HTML page that, when visited, could allow the attacker to run arbitrary code on the victim's system. Google Chrome version 140.0.7339.127 resolves this vulnerability.
- Description
- Use after free in Serviceworker in Google Chrome on Desktop prior to 140.0.7339.127 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)
- Source
- chrome-cve-admin@google.com
- NVD status
- Analyzed
- Products
- chrome
CVSS 3.1
- Type
- Secondary
- Base score
- 8.8
- Impact score
- 5.9
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
- Severity
- HIGH
- chrome-cve-admin@google.com
- CWE-416
- Hype score
- Not currently trending
Google Chrome の脆弱性 CVE-2025-10200/10201 が FIX:リモート・コード実行の恐れ https://t.co/Z54dTFg8vz Chrome に、2つの深刻な脆弱性が発見されました。ひとつは Serviceworker コンポーネントにおける use-after-free
@iototsecnews
22 Sept 2025
137 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Cybercrime heats up with AI exploits, zero-days, massive breaches, and crypto hacks in the last hour 🚨 Here’s what you must know now: 🛠️ Critical zero-days in Chrome patched twice this hour (CVE-2025-10200 & CVE-2025-10585) allow full remote code execution on multi
@np_cyber_news
18 Sept 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Google Chrome Warnung: Kritische Chrome-Sicherheitslücke CVE-2025-10200 - Hintergründe und Schutzmassnahmen 15.09.25 Die von Google veröffentlichte CVE-2025-10200 stellt eine der gravierendsten Sicherheitslücken der letzten Monate im Chrome-Browser dar… https://t.co/63ZkJ
@tarifrechner
16 Sept 2025
8 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Google Chrome Warnung: Kritische Chrome-Sicherheitslücke CVE-2025-10200 - Hintergründe und Schutzmaßnahmen-- Die von Google veröffentlichte CVE-2025-10200 stellt eine der gravierendsten Sicherheitslücken der letzten Monate im Chrome-Browser dar. In der Serviceworker-Kompon
@tarifrechner
15 Sept 2025
46 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Google Chrome Warnung: Kritische Chrome-Sicherheitslücke CVE-2025-10200 - Hintergründe und Schutzmaßnahmen-- Die von Google veröffentlichte CVE-2025-10200 stellt eine der gravierendsten Sicherheitslücken der letzten Monate im Chrome-Browser dar. In der Serviceworker-Kompon
@tarifrechner
15 Sept 2025
1 Impression
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Google patched a critical Chrome flaw in the Serviceworker component (CVE-2025-10200), awarding a researcher $43K. Another bug in Mojo IPC earned $30K. No reports of active exploitation yet. #CVE2025 #ChromePatch #USA https://t.co/kmSWuQYXn7
@TweetThreatNews
12 Sept 2025
136 Impressions
0 Retweets
0 Likes
1 Bookmark
0 Replies
0 Quotes
⚠️Vulnerabilidades en Google Chrome ❗CVE-2025-10200 ❗CVE-2025-10201 ➡️Más info: https://t.co/Acw9G3vDBH https://t.co/41OVfj6M7b
@CERTpy
12 Sept 2025
133 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Chromium: CVE-2025-10200 Use after free in Serviceworker https://t.co/y6PJjjl86E #SecQube #cybersecurity
@SecQube
12 Sept 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Chromeの深刻な脆弱性CVE-2025-10200とCVE-2025-10201の詳細 https://t.co/9WNMh3Kokx #Security #セキュリティ #ニュース
@SecureShield_
12 Sept 2025
63 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
The @googlechrome team sent me this gift. It’s cute, thanks. In return, I submitted a new bug report( CVE-2025-10200). @arw @amyexp @adehohum https://t.co/VHLXuGCcPk https://t.co/1kA7bFN3bS
@loobeny
11 Sept 2025
8 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Google、Chromeの定例アップデートで2件の脆弱性を修正(CVE-2025-10200,CVE-2025-10201) https://t.co/JDelGP252B #セキュリティ対策Lab #セキュリティ #Security
@securityLab_jp
11 Sept 2025
96 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-10200 Use after free in Serviceworker in Google Chrome on Desktop prior to 140.0.7339.127 allowed a remote attacker to potentially exploit heap corruption via a crafted HTM… https://t.co/3uoC34Okb9
@CVEnew
10 Sept 2025
292 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Chrome users: update ASAP! Google just patched a critical flaw (CVE-2025-10200) that could let hackers hijack your browser with a single malicious site. Details + protection tips in my latest blog 👇 https://t.co/3mYyavCpjw #CyberSecurity #GoogleChrome #RCE https://t.co/O
@digitalinsiire
10 Sept 2025
3 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
woah... (CVE-2025-10200)[$43000][Critical][Serviceworker][440454442]A race condition between handling request timeouts and starting new requests -> UAF https://t.co/409YmnqPnp https://t.co/PDmxuqMVyO Reported by Looben Yang
@xvonfers
10 Sept 2025
5674 Impressions
6 Retweets
37 Likes
22 Bookmarks
0 Replies
1 Quote
GoogleはChromeの緊急セキュリティアップデートを発表し、2つの重大な脆弱性を修正しました。特に、CVE-2025-10200は、ServiceWorkerコンポーネントのクリティカルな「use-after-free」脆弱性で、攻撃者がユーザーシステ
@cyber_edu_jp
10 Sept 2025
116 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "515BBD56-1D06-4D50-8CAE-257BAC56F3B1",
"versionEndExcluding": "140.0.7339.127"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
},
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]