Primary

Context

Google Chrome DevTools Insufficient Data Validation Vulnerability Allowing Arbitrary Code Execution

Vulnerability

Patched

A vulnerability in Google Chrome's DevTools component on Windows, in versions prior to 138.0.7204.49, allowed remote code execution. This issue stemmed from inadequate data validation, which could be exploited if a user was convinced to perform certain UI interactions with a specially crafted HTML page.

Impact

Exploitation of this vulnerability allowed for arbitrary code execution on the affected system.

Remediation

Users can update to Google Chrome version 138.0.7204.49 or later to address this vulnerability.

Added: Jun 24, 2025, 8:19 PM

Updated: Jun 24, 2025, 9:34 PM

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

10.0

exploitability

4.4

remediation

7.7

relevance

0.2

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

10.0

exploitability

4.4

remediation

7.7

relevance

0.2

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Google Chrome DevTools Insufficient Data Validation Vulnerability Allowing Arbitrary Code Execution

Vulnerability

Impact

Remediation

Affected Products

Google Chrome

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating