Policy Bypass Vulnerability in Google Chrome Extensions
CVE-2025-12445
Currently unrated
What is CVE-2025-12445?
A policy bypass vulnerability in Google Chrome allows malicious extensions to leak sensitive cross-origin data. Attackers can exploit this flaw by convincing users to install crafted Chrome Extensions that do not adhere to security policies, thus compromising user data privacy and security. It is crucial for users to update their browsers to the latest version to mitigate risks associated with this vulnerability.
Affected Version(s)
Chrome 142.0.7444.59