CVE-2025-6558 - Google Chromium ANGLE and GPU Improper Input Validation Vulnerability

Vulnerability Name

Google Chromium ANGLE and GPU Improper Input Validation Vulnerability

Description

Google Chromium contains an improper input validation vulnerability in ANGLE and GPU. This vulnerability could allow a remote attacker to potentially perform a sandbox escape via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Additional Notes

https://chromereleases.googleblog.com/2025/07/stable-channel-update-for-desktop_15.html

https://nvd.nist.gov/vuln/detail/CVE-2025-6558

Related News Articles

Apple patches security flaw exploited in Chrome zero-day attacksJuly 31, 2025

Apple Patches Safari Vulnerability Also Exploited as Zero-Day in Google ChromeJuly 30, 2025