UI Spoofing Vulnerability in Google Chrome for Android
CVE-2025-12447

Currently unrated

Key Information:

Vendor: Google
Status: Chrome
Vendor: CVE Published:; 10 November 2025

What is CVE-2025-12447?

A vulnerability in the Omnibox feature of Google Chrome for Android allows a remote attacker to deceive users through UI spoofing techniques. When a user engages with specially crafted HTML pages, the attacker can manipulate the interface, leading to potential phishing attacks or other deceptive practices. Users of versions prior to 142.0.7444.59 are particularly at risk, making it crucial to update to the latest version for optimal protection.

Affected Version(s)

Chrome 142.0.7444.59

References

https://chromereleases.googleblog.com/2025/10/stable-chan...

https://issues.chromium.org/issues/442636157

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 10, 2025
Vulnerability Reserved
Oct 28, 2025

JSON