CVE-2025-6558 PoC — Google Chrome 输入验证错误漏洞

Source

Associated Vulnerability

Readme

# **CVE-2025-6558 - Google Chrome ANGLE/GPU Sandbox Escape**  

| **Field**         | **Details**                                                                 |
|-------------------|-----------------------------------------------------------------------------|
| **CVE ID**        | CVE-2025-6558                                                               |
| **Vulnerability Type** | Sandbox Escape                                                           |
| **Affected Application** | Google Chrome (ANGLE and GPU components)                                |
| **Severity**      | Critical – Enables remote arbitrary code execution and access to sensitive resources |
| **Affected Versions** | Google Chrome versions < `138.0.7204.157`                                 |
| **Exploitation Prerequisites** | User visits a webpage containing malicious WebGL/HTML content          |
| **POC Availability** | Confirmed                                                                 |

---

## Description
CVE-2025-6558 is a critical sandbox escape vulnerability in Google Chrome’s **ANGLE** (Almost Native Graphics Layer Engine) and **GPU components**. Insufficient validation of untrusted inputs in ANGLE/GPU processing allows remote attackers to craft malicious HTML pages that trigger this flaw.

## ⚠️ Disclaimer

This content is provided for **educational and research purposes** only.  
The author does **not condone** malicious activity or exploitation of systems without **explicit authorization**.

---

### Exploit
[**href**](http://bit.ly/4lAFDak)

File Snapshot

 [4.0K]  /data/pocs/24af1a3bf4e07946000381c727d8830291ba5dca
└── [1.5K]  README.md

0 directories, 1 file

Remarks