CVE-2025-1079 HIGH

CVE-2025-1079: RCE In Google Web Designer

Vendor Google
Product Web Designer
Weakness CWE-61
Published May 12, 2025
Last update May 12, 2025

CVSS base score

7.8/10
Attack vector Local
Attack complexity Low
Privileges required None
User interaction Required
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

Client RCE on macOS and Linux via improper symbolic link resolution in Google Web Designer's preview feature

Key dates

02Disclosure timeline

May 12, 2025 CVE published
May 12, 2025 Record updated