CVE-2025-5280

Published May 27, 2025

Last updated 2 months ago

CVSS high 8.8

Overview

Description
Out of bounds write in V8 in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Source
chrome-cve-admin@google.com
NVD status
Analyzed

Risk scores

CVSS 3.1

Type
Secondary
Base score
8.8
Impact score
5.9
Exploitability score
2.8
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Severity
HIGH

Weaknesses

chrome-cve-admin@google.com
CWE-787
134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE-787

Social media

Hype score
Not currently trending

  1. Google & Mozilla just dropped security updates for Chrome & Firefox, patching 21 vulnerabilities total. Chrome v137 fixes 11 issues (8 from external researchers). Two high-severity bugs: • CVE-2025-5063 – use-after-free in Compositing • CVE-2025-5280 – out-of-boun

    @cyber_sec_raj

    1 Jun 2025

    76 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  2. ⚠️ تحذير أمني 📌 الثغرة : ـCVE-2025-5063 ـCVE-2025-5280 ـCVE-2025-5064 ـCVE-2025-5065 ـCVE-2025-5066 ـCVE-2025-5281 ـCVE-2025-5283 ـCVE-2025-5067 👈 المنتج المستهدف : متصفح الإنترنت Google Chrome 🆘 مدى الخطو

    @issam_khairi

    31 May 2025

    741 Impressions

    3 Retweets

    30 Likes

    1 Bookmark

    1 Reply

    0 Quotes

  3. ⚠️Múltiples vulnerabilidades de Microsoft Edge ❗CVE-2025-5063 ❗CVE-2025-5280 ➡️Más info: https://t.co/MAYi2xxuo4 https://t.co/Hpnxw2kubc

    @CERTpy

    30 May 2025

    120 Impressions

    0 Retweets

    0 Likes

    1 Bookmark

    0 Replies

    0 Quotes

  4. 🚨 CVE-2025-5280 🔴 HIGH (8.8) 🏢 Google - Chrome 🏗️ 137.0.7151.55 🔗 https://t.co/CPcwB1qaAK 🔗 https://t.co/DDIMWrehna #CyberCron #VulnAlert #InfoSec https://t.co/FeltcbtWCx

    @cybercronai

    29 May 2025

    65 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  5. ⚠️Vulnerabilidades corregidas en Google Chrome ❗CVE-2025-5063 ❗CVE-2025-5280 ➡️Más info: https://t.co/UTo89mABj6 https://t.co/LEYaz3S0mQ

    @CERTpy

    28 May 2025

    112 Impressions

    0 Retweets

    0 Likes

    1 Bookmark

    0 Replies

    0 Quotes

  6. CVE-2025-5280 Out of bounds write in V8 in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium se… https://t.co/CXudaZcbtw

    @CVEnew

    27 May 2025

    391 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

Configurations

References

Sources include official advisories and independent security research.