CVE-2025-12907 - AskarLabs CVE Database

CVE-2025-12907

Vendor Google

Product Chrome

Weakness CWE-20 · Input validation

Published November 7, 2025

Last update February 26, 2026

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

Insufficient validation of untrusted input in Devtools in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to execute arbitrary code via user action in Devtools. (Chromium security severity: Low)

Key dates

02Disclosure timeline

November 7, 2025 CVE published

February 26, 2026 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2025-12907 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/20.html

Related vulnerabilities

04Related CVE

CVE-2026-26147 Azure Stack HCI Information Disclosure Vulnerability CVE-2026-32603 Sandboxie kernel driver denial of service via malformed IOCTL from sandboxed process CVE-2019-1831 Cisco Email Security Appliance Content Filter Bypass Vulnerability CVE-2023-46167 IBM Db2 denial of service CVE-2026-21282 Adobe Commerce | Improper Input Validation (CWE-20)