CVE-2025-12443

Discovered by AISLEPUBLISHEDCWE-125

Description

Out of bounds read in WebXR in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Medium)

CVSS Base Scores

CVSS v3.1(Primary)

4.3

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

Affected Products

Vendor	Product	Version	Status
Google	Chrome	142.0.7444.59	affected

References

https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html
https://issues.chromium.org/issues/452071845