CVE-2025-2783
HIGH CISA KEVDescription
Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 134.0.6998.177 allowed a remote attacker to perform a sandbox escape via a malicious file. (Chromium security severity: High)
Is your site exposed to CVE-2025-2783?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
CISA Known Exploited Vulnerability
This vulnerability is actively exploited in the wild.
Affected Products
| Vendor | Product |
|---|---|
| chrome | |
| microsoft | windows |
References
Frequently Asked Questions
What is CVE-2025-2783? +
How severe is CVE-2025-2783? +
What products are affected by CVE-2025-2783? +
How do I check if I'm vulnerable to CVE-2025-2783? +
Related Vulnerabilities
In Package Manager, there is a possible device lock controller bypass due to a missing permission check. This could lead …
Sandbox escape in the JavaScript Task feature of Google Cloud Application Integration allows an actor to execute arbitrary unsandboxed code …
An attacker in the wifi vicinity of a target Google Home can spy on the victim, resulting in Elevation of …
Google Nest WiFi Pro root code-execution & user-data compromise
In checkDebuggingDisallowed of DeviceVersionFragment.java, there is a possible way to access adb before SUW completion due to an insecure default …
Due to length check, an attacker with privilege access on a Linux Nonsecure operating system can trigger a vulnerability and …