- Description
- Use after free in Media Stream in Google Chrome prior to 138.0.7204.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
- Source
- chrome-cve-admin@google.com
- NVD status
- Analyzed
- Products
- chrome
CVSS 3.1
- Type
- Secondary
- Base score
- 8.8
- Impact score
- 5.9
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
- Severity
- HIGH
- chrome-cve-admin@google.com
- CWE-416
- Hype score
- Not currently trending
CVE-2025-8088 Detection: WinRAR Zero-Day Is Actively Exploited in the Wild to Install RomCom Malware https://t.co/fIzPCIhEGU As summer reaches its peak, the cyber threat landscape is heating up just as fast. Following the recent disclosure of CVE-2025-8292, a use-after-free v
@f1tym1
11 Aug 2025
31 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 #Fedora 41 Users: Critical Chromium Update Required! CVE-2025-8292 allows hackers to hijack browsers via media streams. Patch now: ✅ Severity: 9.1/10 CVSS. ✅ Fix: sudo dnf upgrade. ✅ Risk: Remote code execution. Read more:👉 https://t.co/Rk3559gkTN https://t.co/bK9S
@Cezar_H_Linux
7 Aug 2025
3 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️ تحذير أمني الثغرة : ـCVE-2025-8292 المنتج المستهدف : متصفح الإنترنت Microsoft Edge و Google Chrome مدى الخطورة : عالٍ التهديد : تسمح هذه الثغرة للمهاجمين عن بعد بتنف
@Sudansoft1
5 Aug 2025
21 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔥 CRITICAL: Patch #openSUSE SLE-15-SP6 Chromium NOW! 🔥 CVE-2025-8292 (Important): Use-After-Free in Media Stream → Remote Code Execution risk. Read more: 👉 https://t.co/N7HCq9ORyi https://t.co/xe2FVQOFUZ
@Cezar_H_Linux
5 Aug 2025
32 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2025-8292: Chrome Vulnerability Alert 🚨 Use-after-free in Google Chrome's Media Stream (pre-138.0.7204.183) lets attackers trigger heap corruption by crafting malicious HTML that manipulates freed memory, risking code execution. CVSS 3.1: 8.8 (High). Affects Windows,
@Andrewkek77
5 Aug 2025
40 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Critical: #Fedora42 #Chromium update fixes CVE-2025-8292 (9.1/CVE). Use-After-Free flaw in Media Stream → RCE. ⏩ Patch: dnf upgrade --advisory FEDORA-2025-2d776e48e1 Read more:👉 https://t.co/jsd9sDxu9W https://t.co/HLNno5dyLa
@Cezar_H_Linux
3 Aug 2025
48 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Critical: #Fedora42 #Chromium update fixes CVE-2025-8292 (9.1/CVE). Use-After-Free flaw in Media Stream → RCE. ⏩ Patch: dnf upgrade --advisory FEDORA-2025-2d776e48e1 Read more:👉 https://t.co/jsd9sDy1Zu https://t.co/z4VtQkZ84h
@Cezar_H_Linux
3 Aug 2025
44 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Chromium: CVE-2025-8292 Use after free in Media Stream https://t.co/2LzWBK9bh7 #SecQube #cybersecurity
@SecQube
1 Aug 2025
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Chrome users, beware! A sneaky "use after free" flaw (CVE-2025-8292) could let hackers crash your party with a rogue HTML page. Update to version 138.0.7204.183 or risk being the main event! 🎉 #Chrome #CyberSecurity #WindowsForum https://t.co/HkJ9NhrKDS
@windowsforum
31 Jul 2025
47 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨💻 Critical #Chrome RCE Alert! Google patched a high-severity "use-after-free" flaw (CVE-2025-8292) in Media Stream. This can lead to code execution. #CyberSecurity teams, update all Chrome instances to 138.0.7204.183+ immediately! #Vulnerability https://t.co/qdeEZbFVMc
@fernandokarl
31 Jul 2025
39 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
⚠️Vulnerabilidad en Google Chrome ❗CVE-2025-8292 ➡️Más info: https://t.co/D4JVS4RxAv https://t.co/omNf25CVfI
@CERTpy
30 Jul 2025
110 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨روز سهشنبه یک بهروزرسانی امنیتی برای #گوگل_کروم منتشر شد. اما این بار موضوع کمی متفاوت است! در این بهروزرسانی اضطراری تنها یک آسیبپذیری مهم و خطرن
@PasKoocheh
30 Jul 2025
2212 Impressions
6 Retweets
10 Likes
3 Bookmarks
0 Replies
0 Quotes
🥷 #Google опублікувала термінове оновлення безпеки #Chrome — браузер версії 138.0.7204.183/.184 виправляє вразливість CVE-2025-8292, яка дозволяла зловмисникам атакувати к
@AKuznietsov75
30 Jul 2025
39 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-8292 Use after free in Media Stream in Google Chrome prior to 138.0.7204.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chrom… https://t.co/lDCSzMMiG6
@CVEnew
30 Jul 2025
629 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
(CVE-2025-8292)[$8000][426054987]UAF in MediaStreamTrackImpl where pointers to the SpeechRecognitionMediaStreamAudioSinks that are owned by the MediaStreamTrackImpl could potentially be accessed after the sinks are destroyed https://t.co/2dxoERgrkW https://t.co/qvknfie66l
@xvonfers
29 Jul 2025
28 Impressions
0 Retweets
0 Likes
1 Bookmark
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "62EDAF33-5484-4561-B709-342B9A7389A8",
"versionEndExcluding": "138.0.7204.183"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
},
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]