- 215/2025
- High
Google has released an updated Chrome version 141.0.7390.54/55 for Windows, Mac, and 141.0.7390.54 for Linux.
The addressed vulnerabilities could allow the remote attacker to bypass security restrictions, cause application instability/crashes, obtain sensitive information, or execute arbitrary code, and gain access to the affected system by persuading a victim to visit a specially crafted website.
Sample of the addressed vulnerabilities:
1. Google Chrome Code Execution Vulnerability (CVE-2025-11205):
- CVSS: 8.8
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Consequences: Gain Access
2. Google Chrome Security Bypass Vulnerability (CVE-2025-11208):
- CVSS: 6.5
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Consequences: Bypass Security
Vulnerabilities
- CVE-2025-11205
- CVE-2025-11206
- CVE-2025-11207
- CVE-2025-11208
- CVE-2025-11209
- CVE-2025-11210
- CVE-2025-11211
- CVE-2025-11212
- CVE-2025-11213
- CVE-2025-11215
- CVE-2025-11216
- CVE-2025-11219
Mitigations
The enterprise should deploy this patch as soon as the testing phase is completed.