Severity
High
Analysis Summary
CVE-2025-13721 CVSS:7.5
Race in v8 in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2025-13720 CVSS:8.8
Bad cast in Loader in Google Chrome prior to 143.0.7499.41 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
CVE-2025-13638 CVSS:8.8
Use after free in Media Stream in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2025-13633 CVSS:8.8
Use after free in Digital Credentials in Google Chrome prior to 143.0.7499.41 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
CVE-2025-13631 CVSS:8.8
Inappropriate implementation in Google Updater in Google Chrome on Mac prior to 143.0.7499.41 allowed a remote attacker to perform privilege escalation via a crafted file.
CVE-2025-13630 CVSS:8.8
Type Confusion in V8 in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Impact
- Gain Access
- Privilege Escalation
Indicators of Compromise
CVE
CVE-2025-13721
CVE-2025-13720
CVE-2025-13638
CVE-2025-13633
CVE-2025-13631
CVE-2025-13630
Affected Vendors
Affected Products
- Google Chrome 143.0.7499.41
Remediation
Refer to Google Chrome Security Advisory for patch, upgrade, or suggested workaround information.