CVE-2025-11206

Published Nov 6, 2025

Last updated 13 days ago

CVSS high 7.1

Overview

Description
Heap buffer overflow in Video in Google Chrome prior to 141.0.7390.54 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
Source
chrome-cve-admin@google.com
NVD status
Analyzed
Products
chrome

Risk scores

CVSS 3.1

Type
Secondary
Base score
7.1
Impact score
3.7
Exploitability score
2.8
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
Severity
HIGH

Weaknesses

chrome-cve-admin@google.com
CWE-122
nvd@nist.gov
CWE-787

Social media

Hype score
Not currently trending

  1. #VulnerabilityReport #Chrome141 Chrome 141 Stable Channel Update Patches High-Severity Vulnerabilities (CVE-2025-11205 & CVE-2025-11206) https://t.co/48mr9KztkK

    @Komodosec

    7 Nov 2025

    10 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. CVE-2025-11206 Heap buffer overflow in Video in Google Chrome prior to 141.0.7390.54 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chro… https://t.co/jPpS37M08U

    @CVEnew

    6 Nov 2025

    266 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. Google、Chrome 141の安定版で2件の危険性の高い脆弱性(CVE-2025-11205,CVE-2025-11206)を含む21件の脆弱性を修正 https://t.co/QZ0aUDUQCB #セキュリティ対策Lab #セキュリティ #Security

    @securityLab_jp

    5 Oct 2025

    25 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. ⚠️Vulnerabilidades en productos Google Chrome ❗CVE-2025-11205 ❗CVE-2025-11206 ➡️Más info: https://t.co/yNppcKDjHY https://t.co/0z3KNlgc81

    @CERTpy

    3 Oct 2025

    106 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

Configurations

References

Sources include official advisories and independent security research.