On July 15, 2025, Google released an urgent security update for its Chrome web browser, addressing six vulnerabilities, including a high-severity flaw actively exploited in the wild. This critical vulnerability, identified as CVE-2025-6558 with a CVSS score of 8.8, involves improper validation of untrusted input within Chrome’s ANGLE and GPU components.
ANGLE, or Almost Native Graphics Layer Engine, serves as a translation layer between Chrome’s rendering engine and device-specific graphics drivers. A flaw in this component can enable attackers to escape Chrome’s sandbox environment by exploiting low-level GPU operations, potentially leading to unauthorized system access. This type of vulnerability is particularly concerning because it allows malicious actors to execute code on the host system simply by enticing users to visit a specially crafted HTML page.
The vulnerability was discovered and reported on June 23, 2025, by Clément Lecigne and Vlad Stolyarov of Google’s Threat Analysis Group (TAG). While specific details about the attacks leveraging this flaw have not been disclosed, Google’s acknowledgment of its active exploitation suggests potential involvement of sophisticated threat actors, possibly nation-state entities.
This development follows closely on the heels of another actively exploited Chrome zero-day vulnerability, CVE-2025-6554, reported by Lecigne on June 25, 2025. Since the beginning of the year, Google has addressed five zero-day vulnerabilities in Chrome that have been either actively exploited or demonstrated as proof-of-concept. These include CVE-2025-2783, CVE-2025-4664, CVE-2025-5419, CVE-2025-6554, and the most recent CVE-2025-6558.
To protect against potential threats, users are strongly advised to update their Chrome browsers to versions 138.0.7204.157/.158 for Windows and macOS, and 138.0.7204.157 for Linux. To ensure the latest updates are installed, users can navigate to More > Help > About Google Chrome, and select Relaunch.
Users of other Chromium-based browsers, such as Microsoft Edge, Brave, Opera, and Vivaldi, should also apply the fixes as they become available.
Vulnerabilities like CVE-2025-6558 often fall under broader categories such as GPU sandbox escapes, shader-related bugs, or WebGL vulnerabilities. While they may not always capture headlines, these issues can be exploited in chained attacks or targeted campaigns. It’s crucial for users and organizations to stay vigilant and promptly apply security updates to mitigate potential risks.
