CVE-2025-14174

high-risk

Published 2025-12-12

Out of bounds memory access in ANGLE in Google Chrome on Mac prior to 143.0.7499.110 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)

Do I need to act?

1.0% chance of exploitation in next 30 days

EPSS score — moderate exploit probability

CISA KEV: actively exploited in the wild

On the Known Exploited Vulnerabilities catalog — federal agencies must patch

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 8.8/10 High

NETWORK / LOW complexity

Affected Products (9)

Chrome

Safari

Ipados

Iphone Os

Macos

Tvos

Visionos

Watchos

Edge Chromium

Affected Vendors

Microsoft Apple Google

References (4)

Release Notes https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop_...

Permissions Required https://issues.chromium.org/issues/466192044

Third Party Advisory https://learn.microsoft.com/en-us/deployedge/microsoft-edge-relnotes-security

Third Party Advisory https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-...

/ 100

high-risk

Severity 30/34 · Critical

Exploitability 10/34 · Low

Exposure 15/34 · Moderate