CVE-2025-4609

Summary

Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 136.0.7103.113 allowed a remote attacker to potentially perform a sandbox escape via a malicious file. (Chromium security severity: High)

Affected Software

VendorProductVersion RangeStatus
GoogleChrome136.0.7103.113 < 136.0.7103.113affected

Weaknesses

  • Incorrect handle provided in unspecified circumstances

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References