[Unpatched] Chrome 0-click Remote code execution + Sandbox escape

**beakbit** · (This post was last modified: 05-06-2025, 05:05 AM by beakbit.)

[ Exploit for sale ]

[Unpatched] Chrome 0-click Remote code execution + Sandbox escape
Tested on:

Windows 10 and Windows 11 (22H2, 24H2)
Chrome: v137 (latest)
V8 engine: 13.7.152.9 (latest)

Price: Negotiable - Serious buyers only - XMR Only

Contact: [email protected]

Demo:

**SantaSearch** · Posted at 31-05-2025, 03:44 PM

Not a zero click. Zero click means no user interaction in this demo they must refresh and click

**beakbit** · (This post was last modified: 05-06-2025, 05:02 AM by beakbit.)

31-05-2025, 03:44 PM SantaSearch Wrote:
Not a zero click. Zero click means no user interaction in this demo they must refresh and click

Refresh is only to show that exploit works, the victim doesn't need to refresh or click on anything and this can be hosted on a web server so it triggers the exploit automatically by just visiting a link or viewing a page ( which can also be an iframe ).

The victim doesn't need to refresh or click anything rather than visiting a link.

**beakbit** · OP Posted at 05-06-2025, 05:05 AM

Autobump!

**beakbit** · OP Posted at 07-06-2025, 08:33 AM

Autobump!

**beakbit** · OP Posted at 08-06-2025, 08:42 AM

Autobump!

[Unpatched] Chrome 0-click Remote code execution + Sandbox escape

Submitted by beakbit at 31-05-2025, 02:30 PM