Data Exposure in Gemini iOS App by Google
CVE-2025-5009

1LOW

Key Information:

Vendor

Google

Status
Vendor
CVE Published:
8 October 2025

What is CVE-2025-5009?

A vulnerability in Google Gemini for iOS allows users to unintentionally share their entire conversation history through a public link, rather than just the intended snippet. This oversight poses significant risks to user privacy, as it enables potential exposure of sensitive information. Users should exercise caution when sharing conversation snippets to prevent unintended data leaks.

Affected Version(s)

Gemini iOS 0

References

CVSS V4

Score:
1
Severity:
LOW
Confidentiality:
Low
Integrity:
None
Availability:
None
Attack Vector:
Adjacent Network
Attack Complexity:
Low
Attack Required:
Physical
Privileges Required:
Undefined
User Interaction:
Unknown

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.