PT-2025-19954 · Google+4 · Google Chrome+4
Huang Xilin · Published 2025-04-20 · Updated 2025-08-12 · CVE-2025-4372
CVSS v2.0
10 (High)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
Google Chrome versions prior to 136.0.7103.92
Description
A Use-After-Free vulnerability in Google Chrome's WebAudio API allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. The vulnerability enables remote attackers to manipulate memory and execute arbitrary code. This issue is particularly dangerous because it does not require any user privileges or extensive user interaction, making it an easy target for cybercriminals.
Recommendations
For Google Chrome versions prior to 136.0.7103.92, update to version 136.0.7103.92 or later to resolve the issue. As a temporary workaround, consider disabling the WebAudio API until a patch is available. Restrict access to the WebAudio component to minimize the risk of exploitation. Avoid using the WebAudio API in affected versions until the issue is resolved.
Fix
RCE
Use After Free
Weakness Enumeration
Related Identifiers
Affected Products
Alt Linux
Astra Linux
Debian
Google Chrome
Red Os