DEBIAN-CVE-2025-6557

DEBIAN-CVE-2025-6557 PUBLISHED CVSS 5.400000095367432 MEDIUM

Insufficient data validation in DevTools in Google Chrome on Windows prior to 138.0.7204.49 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: Low)

Risk Scores

CVSS 3.1

5.400000095367432

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

Affected Products

Vendor	Product	Versions
Debian:12	chromium	125.0.6422.76-1, 113.0.5672.126-1, 114.0.5735.106-1
Debian:14	chromium	0, 0
Debian:11	chromium	144.0.7559.109-2, 136.0.7103.59-2, 128.0.6613.84-1
Debian:13	chromium	0, 0

Timeline

Jun 24, 2025 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2025-6557 advisory

Open in Interactive Console →