Data Exposure in Gemini iOS App by Google
CVE-2025-5009

1LOW

Key Information:

Vendor: Google
Status: Gemini
Vendor: CVE Published:; 8 October 2025

What is CVE-2025-5009?

A vulnerability in Google Gemini for iOS allows users to unintentionally share their entire conversation history through a public link, rather than just the intended snippet. This oversight poses significant risks to user privacy, as it enables potential exposure of sensitive information. Users should exercise caution when sharing conversation snippets to prevent unintended data leaks.

Affected Version(s)

Gemini iOS 0

References

https://medium.com/@warisjeet31/google-gemini-ios-vulnera...

CVSS V4

Score:

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

None

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 8, 2025
Vulnerability Reserved
May 20, 2025

JSON