Actively Exploited in the Wild

This vulnerability is being actively exploited in the wild.

Primary

Context

Google Chrome Mojo Sandbox Escape Vulnerability on Windows

Vulnerability

Exploited

Patched

A sandbox escape vulnerability has been identified in Google Chrome's Mojo component on Windows, affecting versions prior to 134.0.6998.177. The issue arises from an incorrect handle being provided in unspecified circumstances, which allowed remote attackers to escape the sandbox by using a malicious file.

Impact

Exploitation of this vulnerability allows for a sandbox escape, enabling potentially malicious files to bypass Chrome's security restrictions and interact with the underlying operating system or user environment.

Remediation

Users can update to Google Chrome version 134.0.6998.177 or later to address this vulnerability. The update will be rolled out over the coming days and weeks.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

0.0

exploitability

6.1

remediation

7.7

relevance

0.0

threat

8.9

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

0.0

exploitability

6.1

remediation

7.7

relevance

0.0

threat

8.9

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Actively Exploited in the Wild

Google Chrome Mojo Sandbox Escape Vulnerability on Windows

Vulnerability

Impact

Remediation

Affected Products

Google Chrome

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating