Google confirmed a critical security flaw in Chrome affecting billions on various platforms. Identified as CVE-2025-2476, this critical memory vulnerability in the Chrome Lens component allows execution of arbitrary code via crafted web pages. Reported by SungKwon Lee, the use-after-free issue poses a threat to user data and system control, prompting an urgent update. Pre-update versions of Chrome on Windows, Mac, Linux, and Android are susceptible to heap corruption and potential system compromise. Users with privileges are at risk of unauthorized program installation, data access, and system control. Google addressed the vulnerability with updates in March 2025 and advised immediate user action to secure systems.
Source: https://cybersecuritynews.com/chrome-vulnerability-allows-arbitrary-code/
"id": "goo252032425",
"linkid": "google",
"type": "Vulnerability",
"date": "3/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"