CVE-2025-6555

Published Jun 24, 2025

Last updated 22 days ago

CVSS medium 5.4

Overview

Description
Use after free in Animation in Google Chrome prior to 138.0.7204.49 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
Source
chrome-cve-admin@google.com
NVD status
Awaiting Analysis

Risk scores

CVSS 3.1

Type
Secondary
Base score
5.4
Impact score
2.5
Exploitability score
2.8
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Severity
MEDIUM

Weaknesses

chrome-cve-admin@google.com
CWE-416

Social media

Hype score
Not currently trending

  1. Multiple Google Chrome flaws (CVE-2025-6555, CVE-2025-6556, and CVE-2025-6557) could lead to remote code execution. Update now. Full advisory: https://t.co/MrpfKeZjtH #Chrome #CyberSecurity #ZeroDay #VulnerabilityAlert #InfoSec

    @rewterz

    25 Jun 2025

    15 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References

Sources include official advisories and independent security research.