CVE-2025-14174: Out of bounds memory access in ANGLE in Google Chrome on Mac prior to 143.0.7499.110 allowed a remote attacker to perform out of bounds memory access via a…

high8.8CVSS 3.1

AVNACLPRNUIRSUCHIHAH

KEV

CISA Known Exploited Vulnerabilitydue 2026-01-02

Out of bounds memory access in ANGLE in Google Chrome on Mac prior to 143.0.7499.110 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)

Affected

43 ranges· showing 25

Vendor	Product	Version range	Fixed in
apple	ios_18.7.3_and_ipados	—	—
apple	ios_26.2_and_ipados	—	—
apple	ios_26.3_and_ipados	—	—
apple	ios_and_ipados	< 26.3	26.3
apple	ipados	< 18.7.3	18.7.3
apple	ipados	< 26.3	26.3
apple	ipados	>= 26.0 < 26.2	26.2
apple	iphone_os	< 18.7.3	18.7.3
apple	iphone_os	< 26.3	26.3
apple	iphone_os	>= 26.0 < 26.2	26.2
apple	macos	< 26.3	26.3
apple	macos	< 26.2	26.2
apple	macos	< 26.3	26.3
apple	macos	>= 26.0 < 26.2	26.2
apple	macos_tahoe	—	—
apple	macos_tahoe	—	—
apple	safari	< 26.2	26.2
apple	safari	—	—
apple	tvos	< 26.3	26.3
apple	tvos	< 26.2	26.2
apple	tvos	< 26.3	26.3
apple	tvos	—	—
apple	tvos	—	—
apple	visionos	< 26.3	26.3
apple	visionos	< 26.2	26.2

CVSS provenance

nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

osv8.8HIGH

vulncheck8.8HIGH

cisa8.8HIGH