CVE-2025-9867

Currently unrated

Key Information:

Vendor: Google
Status: Chrome
Vendor: CVE Published:; 3 September 2025

What is CVE-2025-9867?

Inappropriate implementation in Downloads in Google Chrome on Android prior to 140.0.7339.80 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

Affected Version(s)

Chrome 140.0.7339.80

References

https://chromereleases.googleblog.com/2025/09/stable-chan...

https://issues.chromium.org/issues/415496161

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 3, 2025
Vulnerability Reserved
Sep 2, 2025