Google released an emergency update for the Chrome browser to patch an actively exploited vulnerability that could allow attackers to steal sensitive information. The vulnerability, tracked as CVE-2025-4664, affects the Chrome Loader component, which manages resource requests. The flaw allows attackers to set a referrer-policy in the Link header, causing Chrome to include full URLs with sensitive query parameters. This could lead to the theft of OAuth tokens, session identifiers, and other private data. Users are advised to update their Chrome browsers immediately to versions 136.0.7103.113/.114 for Windows and Mac, and 136.0.7103.113 for Linux.
TPRM report: https://scoringcyber.rankiteo.com/company/google
{
  "id": "goo428051925",
  "linkid": "google",
  "type": "Vulnerability",
  "date": "5/2025",
  "severity": "25",
  "impact": "",
  "explanation": "Attack without any consequences: Attack in which data is not compromised"
}