POSTING DATE: 2025/12/17

[VULNERABILITY ALERT] 5 High-Risk Security Vulnerabilities in Chromium-Based Browsers, Please Verify and Patch Immediately (CVE-2025-13630) (CVE-2025-13631) (CVE-2025-13633) (CVE-2025-13638) (CVE-2025-13720)

  • Subject: [VULNERABILITY ALERT] 5 High-Risk Security Vulnerabilities in Chromium-Based Browsers, Please Verify and Patch Immediately (CVE-2025-13630) (CVE-2025-13631) (CVE-2025-13633) (CVE-2025-13638) (CVE-2025-13720)


  • Content Description:
    • Forwarded from National Information Security Information Sharing and Analysis Center Security Alert NISAC-200-202512-00000131
    • Researchers have discovered 5 high-risk security vulnerabilities in Chromium-based browsers such as Google Chrome, Microsoft Edge, Vivaldi, and Brave. These include Type Confusion (CVE-2025-13630), Privilege Escalation (CVE-2025-13631), Use After Free (CVE-2025-13633 and CVE-2025-13638), and Incorrect Type Conversion or Cast (CVE-2025-13720). In the most severe case, an unauthenticated remote attacker could execute arbitrary code on the user's side. Please verify and patch as soon as possible.
  • Affected Platforms:
    • Google Chrome (Linux and Windows) versions prior to 143.0.7499.40
    • Google Chrome (Mac) versions prior to 143.0.7499.41
    • Microsoft Edge versions prior to 143.0.3650.66
    • Vivaldi versions prior to 7.7.3851.58
    • Brave versions prior to 1.85.111
  • Recommended Actions:

1. Please update Google Chrome browser to version 143.0.7499.40/41 (inclusive) or later: https://support.google.com/chrome/answer/95414?hl=zh-Hant 

  2. Please update Microsoft Edge browser to version 143.0.3650.66 (inclusive) or later: https://support.microsoft.com/en-us/topic/microsoft-edge-update-settings-af8aaca2-1b69-4870-94fe-18822dbb7ef1
  3. Please update Vivaldi browser to version 7.7.3851.58 (inclusive) or later: https://help.vivaldi.com/desktop/install-update/update-vivaldi/
  4. Please update Brave browser to version 1.85.111 (inclusive) or later: https://community.brave.com/t/how-to-update-brave/384780
* Reference Material:
  -  https://nvd.nist.gov/vuln/detail/CVE-2025-13630
  -  https://nvd.nist.gov/vuln/detail/CVE-2025-13631
  -  https://nvd.nist.gov/vuln/detail/CVE-2025-13633
  -  https://nvd.nist.gov/vuln/detail/CVE-2025-13638
  -  https://nvd.nist.gov/vuln/detail/CVE-2025-13720

Computer and Communication Center
Network Systems Division, Respectfully