What is CVE-2025-11756?

CVE-2025-11756 is a high-severity use-after-free vulnerability in Google Chrome's Safe Browsing component with a CVSS score of 9.8. This type of vulnerability could potentially allow attackers to exploit memory corruption issues in the browser's security component.

What Chrome component is affected by CVE-2025-11756?

The vulnerability affects Chrome's Safe Browsing component, which is a security feature designed to protect users from phishing and malware sites. The use-after-free flaw in this critical security component makes the vulnerability particularly concerning.

What version should Chrome users update to?

Chrome users should update to version 141.0.7390.107 or 141.0.7390.108 for Windows and Mac systems, and version 141.0.7390.107 for Linux platforms. These versions contain the security patch for CVE-2025-11756.

When will the Chrome security update be available?

The security patch is being released progressively over the coming days and weeks to ensure broad coverage across Chrome's extensive user base. Users can manually check for updates immediately by navigating to Chrome's settings menu and selecting About Chrome.

What is the severity of CVE-2025-11756?

CVE-2025-11756 has a CVSS score of 9.8, which indicates critical severity in the standard scoring system. Google rates it as High severity. The high score reflects the serious nature of use-after-free vulnerabilities which can potentially lead to remote code execution.

What platforms are affected by the Chrome vulnerability?

The vulnerability affects Google Chrome on Windows, Mac, and Linux platforms. Google has released patched versions for all three operating systems: version 141.0.7390.107 or 108 for Windows and Mac, and version 141.0.7390.107 for Linux.

How can users manually update Chrome?

Users can manually check for updates by navigating to Chrome's settings menu and selecting About Chrome. This will trigger Chrome to check for available updates and install them automatically. Users and organizations are encouraged to update their Chrome installations as soon as possible.

What should Chrome users do about CVE-2025-11756?

Chrome users should update their browser to the latest version as soon as possible. The update to version 141.0.7390.107 or 108 (depending on platform) patches the high-severity use-after-free vulnerability. Users can check for updates manually through Chrome's settings or wait for the automatic progressive rollout.

What is a use-after-free vulnerability?

A use-after-free vulnerability occurs when a program continues to use memory after it has been freed, potentially allowing attackers to exploit memory corruption. In CVE-2025-11756, this flaw affects Chrome's Safe Browsing component and has a CVSS score of 9.8, indicating it could potentially be exploited for serious security impacts such as remote code execution.

Advisory

Google patches high severity vulnerability in Chrome Safe Browsing

Q: What vulnerability did Google patch in Chrome?

Google released a security update for Chrome's Stable channel patching one high-severity use-after-free vulnerability in the browser's Safe Browsing component. The flaw is tracked as CVE-2025-11756 with a CVSS score of 9.8 and rated as High severity by Google.

published: Oct. 16, 2025

Take action: If you are using Google Chrome or other Chromium-based browsers (Edge, Brave, Vivaldi, Opera...) patch your browser ASAP. The flaw is critical in CVSS score but Google says it's High Severity. Don't debate the severity. Better to patch than to be surprised later. Updating is trivial, all your tabs reopen.

Learn More

Google has released a security update for Chrome's Stable channel, patching one high-severity use-after-free vulnerability in the browser's Safe Browsing component.

The flaw is tracked as CVE-2025-11756 (CVSS score 9.8, Google score High): use-after-free vulnerability in Safe Browsing component

The update brings Chrome to version 141.0.7390.107/.108 for Windows and Mac systems, and 141.0.7390.107 for Linux platforms. This security patch will be released progressively over the coming days and weeks to ensure broad coverage across Chrome's extensive user base.

In accordance with standard security practices, Google is maintaining restricted access to the full bug details and associated links until a majority of users have received the security update.

Users and organizations are encouraged to update their Chrome installations as soon as possible. Users can manually check for updates by navigating to Chrome's settings menu and selecting "About Chrome."

Google patches high severity vulnerability in Chrome Safe Browsing

Read More
Microsoft releases January 2025 patch, fixes 8 zero-days, …
Hundreds of Canon Inkjet Printer Models Can Leak …
Opera Browser fixes flaw dubbed "Cross Barking" allowing …
Mozilla releases patches for multiple flaws in Firefox …
Google releases August 2025 Android Security Update, patches …