AI description
CVE-2025-6558 is a vulnerability affecting Google Chrome, specifically versions prior to 138.0.7204.157. It stems from insufficient validation of untrusted input in the ANGLE and GPU components of the browser. Clément Lecigne and Vlad Stolyarov from Google's Threat Analysis Group discovered and reported the zero-day vulnerability on June 23, 2025. Successful exploitation of CVE-2025-6558 could allow a remote attacker to perform a sandbox escape via a crafted HTML page. ANGLE, which stands for "Almost Native Graphics Layer Engine," translates between Chrome's rendering engine and device-specific graphics drivers; therefore, vulnerabilities in ANGLE can allow attackers to escape Chrome's security sandbox by abusing low-level GPU operations. Google has released a security update to address this vulnerability, which they report has been actively exploited in the wild.
- Description
- Insufficient validation of untrusted input in ANGLE and GPU in Google Chrome prior to 138.0.7204.157 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
- Source
- chrome-cve-admin@google.com
- NVD status
- Analyzed
- Products
- chrome
CVSS 3.1
- Type
- Secondary
- Base score
- 8.8
- Impact score
- 5.9
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
- Severity
- HIGH
Data from CISA
- Vulnerability name
- Google Chromium ANGLE and GPU Improper Input Validation Vulnerability
- Exploit added on
- Jul 22, 2025
- Exploit action due
- Aug 12, 2025
- Required action
- Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- chrome-cve-admin@google.com
- CWE-20
- Hype score
- Not currently trending
Tried writing a PoC to trigger CVE-2025-6558 based on test attached with the commit. This hits the vulnerable code path but does not trigger the bug. If anyone reproduced this bug, Hit me up! Commit: https://t.co/2tkfdZazvs PoC: https://t.co/bZ8GstjO1r
@d4rkc0nd0r
16 Sept 2025
3193 Impressions
9 Retweets
33 Likes
26 Bookmarks
1 Reply
0 Quotes
تحديث عاجل من @Apple لإغلاق ثغرة CVE-2025-6558 في Safari سبق استغلالها في @googlechrome كـثغرة "يوم صفر" خطورتها 8.8. - يمكن استغلال الخلل في ANGLE/GPU عبر صفحة HTML خبيثة. - التحديث
@NVMhg60
15 Sept 2025
428 Impressions
0 Retweets
3 Likes
0 Bookmarks
0 Replies
0 Quotes
Snapchat is the easiest app to get hacked ,text me now if you want to get any Snapchat account hacked #hacked #snapchat #snapchatdown #snapchatleak #hackaccount #hacking A new exploit is hitting users right now CVE-2025-6558 lets attackers break out of the browser sandbox. https
@dan121235
7 Sept 2025
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Inbox now cybersecurity, cyberAttack, social media recover #Cloudcomputting #DataScientist #Spyfacebook #Snapchat #lcloud #9News #wechatspy #SocialmediaRecover #Bitcoin #All service available 📢📢‼️✅ A new exploit is hitting users right now CVE-2025-6558 lets attacker
@dan121235
7 Sept 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 August #LinuxPatchWednesday: 867 vulns (455 in Kernel) - nearly 2× July. 1 exploited in the wild (#Chromium CVE-2025-6558). 72 with public exploits: #WordPress, #Kubernetes, #NVIDIA #ContainerToolkit, #PostgreSQL, #Kafka, #7Zip. ➡️ https://t.co/rkt4e01Prz https://t.co/s
@leonov_av
4 Sept 2025
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Inbox now cybersecurity, cyberAttack, social media recover #Cloudcomputting #DataScientist #Spyfacebook #Snapchat #lcloud #9News #wechatspy #SocialmediaRecover #Bitcoin #All service available 📢📢‼️✅ A new exploit is hitting users right now CVE-2025-6558 lets attacker
@ChaseVicto94599
23 Aug 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Google urges Chrome users to update immediately after a serious security flaw was discovered in the popular browser. The bug, labeled CVE-2025-6558, allows attackers to escape Chrome’s sandbox and execute malicious code on the OS. A fix is now available through a Chrome updat
@MindfulTechLLC
20 Aug 2025
418 Impressions
2 Retweets
4 Likes
0 Bookmarks
1 Reply
0 Quotes
URGENT: Critical WebKitGTK vulnerabilities (CVE-2025-6558, +9 more) patched for #Ubuntu. Read more:👉 https://t.co/UrBIurWcUZ #Security https://t.co/mykPXZrXZW
@Cezar_H_Linux
20 Aug 2025
331 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Apple Issues Urgent Patch for Actively Exploited Vulnerability (CVE-2025-6558) ⤵️ https://t.co/FpVmoqbi8g
@mark_recovery87
19 Aug 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Snapchat is the easiest app to get hacked ,text me now if you want to get any Snapchat account hacked #hacked #snapchat #snapchatdown #snapchatleak #hackaccount #hacking A new exploit is hitting users right now CVE-2025-6558 lets attackers break out of the browser sandbox https:
@_cyber_support1
18 Aug 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Snapchat is the easiest app to get hacked ,text me now if you want to get any Snapchat account hacked #hacked #snapchat #snapchatdown #snapchatleak #hackaccount #hacking A new exploit is hitting users right now CVE-2025-6558 lets attackers break out of the browser sandbox. https
@Prexeycrypto
18 Aug 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Snapchat is the easiest app to get hacked ,text me now if you want to get any Snapchat account hacked #hacked #snapchat #snapchatdown #snapchatleak #hackaccount #hacking A new exploit is hitting users right now CVE-2025-6558 lets attackers break out of the browser sandbox. https
@Prexeycrypto
18 Aug 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Snapchat is the easiest app to get hacked ,text me now if you want to get any Snapchat account hacked #hacked #snapchat #snapchatdown #snapchatleak #hackaccount #hacking A new exploit is hitting users right now CVE-2025-6558 lets attackers break out of the browser sandbox. https
@mitnick_h
17 Aug 2025
3 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Snapchat is the easiest app to get hacked ,text me now if you want to get any Snapchat account hacked #hacked #snapchat #snapchatdown #snapchatleak #hackaccount #hacking A new exploit is hitting users right now CVE-2025-6558 lets attackers break out of the browser sandbox. https
@Prexeycrypto
17 Aug 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Snapchat is the easiest app to get hacked ,text me now if you want to get any Snapchat account hacked #hacked #snapchat #snapchatdown #snapchatleak #hackaccount #hacking A new exploit is hitting users right now CVE-2025-6558 lets attackers break out of the browser sandbox. https
@mitnick_h
17 Aug 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Snapchat is the easiest app to get hacked ,text me now if you want to get any Snapchat account hacked #hacked #snapchat #snapchatdown #snapchatleak #hackaccount #hacking A new exploit is hitting users right now CVE-2025-6558 lets attackers break out of the browser sandbox. https
@mitnick_h
17 Aug 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Snapchat is the easiest app to get hacked ,text me now if you want to get any Snapchat account hacked #hacked #snapchat #snapchatdown #snapchatleak #hackaccount #hacking A new exploit is hitting users right now CVE-2025-6558 lets attackers break out of the browser sandbox. https
@JaceDarkwell
17 Aug 2025
56 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Snapchat is the easiest app to get hacked ,text me now if you want to get any Snapchat account hacked #hacked #snapchat #snapchatdown #snapchatleak #hackaccount #hacking A new exploit is hitting users right now CVE-2025-6558 lets attackers break out of the browser sandbox. https
@dylancybertech
17 Aug 2025
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Snapchat is the easiest app to get hacked ,text me now if you want to get any Snapchat account hacked #hacked #snapchat #snapchatdown #snapchatleak #hackaccount #hacking A new exploit is hitting users right now CVE-2025-6558 lets attackers break out of the browser sandbox. https
@claymahrexhack
17 Aug 2025
20 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Snapchat is the easiest app to get hacked ,text me now if you want to get any Snapchat account hacked #hacked #snapchat #snapchatdown #snapchatleak #hackaccount #hacking A new exploit is hitting users right now CVE-2025-6558 lets attackers break out of the browser sandbox. https
@claymahrexhack
17 Aug 2025
20 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Snapchat is the easiest app to get hacked ,text me now if you want to get any Snapchat account hacked #hacked #snapchat #snapchatdown #snapchatleak #hackaccount #hacking A new exploit is hitting users right now CVE-2025-6558 lets attackers break out of the browser sandbox. https
@JaceDarkwell
17 Aug 2025
41 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Snapchat is the easiest app to get hacked ,text me now if you want to get any Snapchat account hacked #hacked #snapchat #snapchatdown #snapchatleak #hackaccount #hacking A new exploit is hitting users right now CVE-2025-6558 lets attackers break out of the browser sandbox. https
@cyberecstasy01
15 Aug 2025
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
ทางเพจ NCSA หรือ สํานักงานคณะกรรมการการรักษาความมั่นคงปลอดภัยไซเบอร์แห่งชาติ ได้ออกมาแจ้งเตือนให้ผ
@beartai
13 Aug 2025
1633 Impressions
1 Retweet
8 Likes
0 Bookmarks
0 Replies
0 Quotes
ทางเพจ NCSA หรือ สํานักงานคณะกรรมการการรักษาความมั่นคงปลอดภัยไซเบอร์แห่งชาติ ได้ออกมาแจ้งเตือนให้ผ
@beartai
13 Aug 2025
703 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨Apple has released an urgent update for the CVE-2025-6558 vulnerability, which is actively exploited - it is recommended to update devices as soon as possible. https://t.co/eucosqSonH
@MrGr1ef
12 Aug 2025
296 Impressions
0 Retweets
3 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Apple Issues Urgent Patch for Actively Exploited Vulnerability (CVE-2025-6558) ⤵️ https://t.co/ZhqpuViUQ9
@_0b1d1
12 Aug 2025
21268 Impressions
48 Retweets
299 Likes
120 Bookmarks
1 Reply
3 Quotes
เตือนอัปเดต iOS 18.6 ด่วน แก้ช่องโหว่ร้ายแรง CVE-2025-6558 ที่แค่ท่องเว็บก็โดนแฮกได้ . ใครใช้ไอโฟน, ไอแพด, แมคบุ๊ก ร
@panraphee
11 Aug 2025
1207 Impressions
4 Retweets
5 Likes
2 Bookmarks
1 Reply
0 Quotes
เตือนอัปเดต iOS 18.6 ด่วน แก้ช่องโหว่ร้ายแรง CVE-2025-6558 ที่แค่ท่องเว็บก็โดนแฮกได้ https://t.co/YjUOueZjOz
@iT24Hrs
11 Aug 2025
615 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Apple patches CVE-2025-6558, yet folks still smash 'Free AI VPN'—Dark Partners’ 250+ spoof sites drop Poseidon Stealer and drain BTC while Google smiles. Congrats, your wallet wins the Darwin Award. Full story ⬇️ https://t.co/Q46AWK9mKY #AlphaHunt #CyberSecurity #Malwar
@alphahunt_io
9 Aug 2025
81 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Вразливість CVE-2025-6558 у браузерах: термінове оновлення iOS 18.6 для захисту пристроїв Apple | GizChina Ukraine https://t.co/cBmxAtY79N #CVE-2025-6558 #iOS18.6 #вразливістьбраузера #Кібербез
@GizchinaUkraine
9 Aug 2025
676 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔥 CRITICAL #Fedora 42 Update! 🔥 Patch webkitgtk 2.48.5 NOW. Fixes 9 CVEs incl: ⚠️ CVE-2025-43265 (RCE). ⚠️ CVE-2025-43227 (Data Leak). ⚠️ CVE-2025-6558 (DoS) . Read more: 👉https://t.co/2z0X3rUALD https://t.co/VVY
@Cezar_H_Linux
8 Aug 2025
37 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
In last month's #cybersecurity bulletin, UNC2891 used a 4G-connected Raspberry Pi and the CAKETAP rootkit to gain covert access to a bank’s ATM network; Apple patched CVE-2025-6558, a critical Safari vulnerability also exploited as a Chrome zero-day. https://t.co/dWZA246oIi
@NetizenCorp
7 Aug 2025
143 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
أصدرت شركة آبل تحديث iOS 18.6 في 29 يوليوز 2025، قبل أشهر قليلة من إطلاق نظام iOS 26 المنتظر في الخريف المقبل. ورغم أن التحديث الجديد لا يقدم ميزات جديدة، إلا أنه يت
@hespress
4 Aug 2025
1760 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
👀 Even top-tier software like #Safari (@Apple) and @googlechrome isn’t immune. A zero-day (CVE-2025-6558) hit both browsers this month: actively exploited in the wild before patches dropped. 💡Knowing the tech ≠ being protected. Security demands vigilance, not just exp
@Shift_DeFi
4 Aug 2025
82 Impressions
0 Retweets
3 Likes
0 Bookmarks
0 Replies
1 Quote
Apple released security updates for all platforms to fix CVE-2025-6558, a zero-day flaw in the ANGLE and GPU components exploited in Chrome and affecting Safari’s WebKit engine. https://t.co/x7uURHsQA1
@WalkureARCH
1 Aug 2025
34 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️ Weekly vuln radar — https://t.co/Cd6L8ACyLV: CVE-2025-53770 — Sharepoint Server 📈⬆️ CVE-2025-32433 (@lambdafu) CVE-2025-25257 (@0x_shaq) CVE-2025-49113 (@k_firsov) CVE-2025-6558 (@_clem1) CVE-2025-30406 CVE-2025-54309 CVE-2025-23266 (@nirohfeld @shirtamari) CVE
@ptdbugs
1 Aug 2025
160 Impressions
0 Retweets
1 Like
1 Bookmark
0 Replies
0 Quotes
Обновления iOS/iPadOS 18.6 и macOS 15.6, закрыли одну из крупнейших уязвимостей, нацеленную на пользователей Chrome Уязвимость CVE-2025-6558 могла позволить злоумышленника
@aaplpro
1 Aug 2025
508 Impressions
0 Retweets
3 Likes
0 Bookmarks
1 Reply
0 Quotes
📌 Apple releases security updates addressing a zero-day vulnerability in Chrome. CVE-2025-6558 (CVSS: 8.8) affects ANGLE and GPU components. #CyberSecurity #ZeroDay https://t.co/UI2Tj81qeX https://t.co/IBwXdQNaYf
@CyberHub_blog
1 Aug 2025
85 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Urgent security update from #Apple! The company has released iOS 18.6 to fix a critical zero-day vulnerability (CVE-2025-6558) that was actively exploited in attacks against Chrome users. #iOS18 #MESSIAH https://t.co/GRTKNMoTKb
@tech1new_x
31 Jul 2025
468 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Apple’s latest iOS 18.6, iPadOS 18.6, and macOS Sequoia 15.6 updates fix a critical Chrome zero-day vulnerability (CVE-2025-6558) that let attackers run code via malicious HTML pages, bypassing Chrome’s sandbox. Google patched this on July 15, confirming active exploitation.
@mariusfanu
31 Jul 2025
213 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
La vulnerabilidad grave CVE-2025-6558 que corrige iOS 18.6 y macOS 15.6 ha sido utilizada maliciosamente https://t.co/lxygF9Q34B https://t.co/oFJVtyK9Vj
@iphoneros
31 Jul 2025
1123 Impressions
0 Retweets
0 Likes
1 Bookmark
0 Replies
0 Quotes
Apple patches security flaw exploited in Chrome zero-day attacks Apple has released security updates to address CVE-2025-6558, a high-severity zero-day vulnerability actively exploited in attacks targeting Google Chrome users. The flaw lies in the ANGLE graphics layer and allows
@dCypherIO
31 Jul 2025
33 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
اپل بهروزرسانیهای امنیتی را برای رفع آسیبپذیری شدید CVE-2025-6558 منتشر کرد که در حملات روز صفر علیه کاربران گوگل کروم مورد سوءاستفاده قرار گرفته است. این
@Teeegra
31 Jul 2025
499 Impressions
1 Retweet
9 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️Múltiples vulnerabilidades en productos Apple ❗CVE-2025-6558 ❗CVE-2025-7424 ❗CVE-2025-7425 ➡️Más info: https://t.co/B0s7iXaMi4 https://t.co/a0UfnjfIu6
@CERTpy
31 Jul 2025
96 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
تحديث عاجل من @Apple لإغلاق ثغرة CVE-2025-6558 في Safari سبق استغلالها في @googlechrome كـثغرة "يوم صفر" خطورتها 8.8. - يمكن استغلال الخلل في ANGLE/GPU عبر صفحة HTML خبيثة. - التحديث
@cyberscastx
31 Jul 2025
781 Impressions
1 Retweet
3 Likes
2 Bookmarks
1 Reply
0 Quotes
🔒 Apple deploys iOS 18.6 & macOS 15.6 to correct a critical flaw (CVE-2025-6558) exploited via Chrome. The bug originated in ANGLE(Almost Native Graphics Layer Engine), a graphics engine used in WebKit, and allowed code execution via HTML pages, bypassing protections https
@TheAppleDrop
31 Jul 2025
61 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Apple patches Safari zero-day (CVE-2025-6558) in WebKit, also exploited in Chrome. No active attacks on Apple yet, but risk is real. Update to iOS 18.6 / macOS 15.6 ASAP. 🔗Full story: https://t.co/HzXaOwkhY2
@Prevent_Cyber
31 Jul 2025
185 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🔒💻 Une faille critique découverte sur macOS & iOS ! Apple a publié un correctif (iOS 18.6, macOS 15.6 & cie) pour CVE-2025-6558, une vulnérabilité exploitée dans des attaques zero-day via Webkit. ➡️ Mettez à jour sans attendre ! Déjà fait chez vous ?
@iMathTechs
31 Jul 2025
661 Impressions
4 Retweets
7 Likes
0 Bookmarks
1 Reply
0 Quotes
AppleがChromeゼロデイ攻撃に悪用された脆弱性を修正(CVE-2025-6558) https://t.co/IBi1O133tm #Security #セキュリティ #ニュース
@SecureShield_
30 Jul 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Apple ha lanzado parches de seguridad para una vulnerabilidad crítica en WebKit, el motor de su navegador Safari. Esta falla, identificada como CVE-2025-6558, también fue explotada como un "zero-day" en Google Chrome, lo que demuestra su gravedad y el interés de los
@citarafy
30 Jul 2025
42 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "85E11AEA-0ABB-4CBB-9236-1459F7C94F7A",
"versionEndExcluding": "138.0.7204.157"
}
],
"operator": "OR"
}
]
}
]