AI description
CVE-2025-12443 is an out-of-bounds read vulnerability found in the WebXR component of Google Chrome. Discovered by Aisle Research in October 2025, the flaw affects Chrome versions prior to 142.0.7444.59 across Windows, Mac, and Linux platforms. It stems from an issue in matrix handling within the WebXR implementation. The vulnerability allows malicious web content to potentially leak sensitive heap memory. An attacker could access memory locations beyond the intended boundaries, potentially leading to information disclosure, application crashes, or the ability to bypass ASLR (address space layout randomization). The vulnerability has been addressed in Chrome version 142.0.7444.59 and later.
- Description
- Out of bounds read in WebXR in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Medium)
- Source
- chrome-cve-admin@google.com
- NVD status
- Analyzed
- Products
- chrome
CVSS 3.1
- Type
- Secondary
- Base score
- 4.3
- Impact score
- 1.4
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
- Severity
- MEDIUM
- chrome-cve-admin@google.com
- CWE-125
- Hype score
- Not currently trending
CVE-2025-12443: Chrome WebXR Flaw Hits 4 Billion Devices | AISLE - https://t.co/tnsLw0BR5I
@FAMASoon
4 Dec 2025
948 Impressions
4 Retweets
2 Likes
1 Bookmark
0 Replies
0 Quotes
We've found a zero-day vulnerability in Chrome/Chromium using @Aisle_Inc's autonomous AI security system CVE-2025-12443 = a vuln in complex geometry in VR/AR code, intro'd just 6 months back by Google's engineers Here's my detailed technical blog post: https://t.co/ZvVTzodP35 h
@stanislavfort
3 Dec 2025
8157 Impressions
21 Retweets
123 Likes
64 Bookmarks
1 Reply
0 Quotes
CVE-2025-12443 Out of bounds read in WebXR in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromi… https://t.co/ImzGwW7U8b
@CVEnew
10 Nov 2025
113 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B56189F0-45F6-4A5B-AFFD-07B20B001040",
"versionEndExcluding": "142.0.7444.59"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
},
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]