What is CVE-2025-11207?

CVE-2025-11207 is a vulnerability in Google Chrome, classified under CWE-1300. Published 2025-11-06.

Is CVE-2025-11207 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Google Chrome

CVE-2025-11207

Side-channel information leakage in Storage in Google Chrome prior to 141.0.7390.54 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: Medium)

EPSS: 0.001 (17.5th percentile) — read the EPSS interpretation.

Affected products

Google Chrome — versions 141.0.7390.54

Weakness classification (CWE)

CWE-1300

Public proof-of-concept exploits

w4zu/Debian_

References

chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_30.html
issues.chromium.org/issues/428189824

Frequently asked questions

What is CVE-2025-11207?: CVE-2025-11207 is a vulnerability in Google Chrome, classified under CWE-1300. Published 2025-11-06.
Is CVE-2025-11207 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.