Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

CVE-2025-7657

HIGH
Published 2025-07-15T18:12:37.091Z
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2025-7657. We'll provide specific mitigation strategies based on your environment and risk profile.

CVSS Score

V3.1
8.8
/10
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Base Score Metrics
Exploitability: N/A Impact: N/A

Attack Vector Metrics

Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED

Impact Metrics

Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH

Description

Use after free in WebRTC in Google Chrome prior to 138.0.7204.157 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

Google

Chrome

Affected Versions:

138.0.7204.157

EU Vulnerability Database

Monitored by ENISA for EU cybersecurity

EU Coordination

EU Coordinated

Exploitation Status

No Known Exploitation

EUVD ID

View on ENISA

ENISA Analysis

Use after free in WebRTC in Google Chrome prior to 138.0.7204.157 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Affected Products (ENISA)

google
chrome

ENISA Scoring

CVSS Score (3.1)

8.8
/10
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS Score

0.140
probability

ENISA References

https://chromereleases.googleblog.com/2025/07/stable-channel-update-for-desktop_15.html
https://issues.chromium.org/issues/427681143

Data provided by ENISA EU Vulnerability Database. Last updated: July 16, 2025

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed HIGH

GHSA-wc8w-c4fg-hj36

Advisory Details

Use after free in WebRTC in Google Chrome prior to 138.0.7204.157 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVSS Scoring

CVSS Score

7.5

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2025-7657
WEB https://chromereleases.googleblog.com/2025/07/stable-channel-update-for-desktop_15.html
WEB https://issues.chromium.org/issues/427681143

Advisory provided by GitHub Security Advisory Database. Published: July 15, 2025, Modified: July 15, 2025

Social Media Intelligence

Real-time discussions and threat intelligence from social platforms

2 posts
Reddit 4 days ago
Steve_Dobbs_69

CVE-2025-7657: High Severity Vulnerability in Google Chrome’s WebRTC Component

1
1.0
View Original
Reddit 4 days, 3 hours ago
Lazy-Veterinarian121
Exploit

why cant i find known exploits on exploit db, do companies remove this? I wanted to test out an exploit on my PC which had an outdated version of Chromium (which I now updated - it's on a VM that I'm doing the testing on) and found some leads to …

Also mentions: CVE-2025-7656 CVE-2025-6558
4
8.0
View Original High Risk

References

https://chromereleases.googleblog.com/2025/07/stable-channel-update-for-desktop_15.html
https://issues.chromium.org/issues/427681143
Published: 2025-07-15T18:12:37.091Z
Last Modified: 2025-07-15T18:33:26.027Z
Copied to clipboard!