New Chrome Vulnerability Enables Cross-Origin Data Leak Via Loader Referrer Policy - Cybernoz - Cybersecurity News

Google has closed several vulnerabilities in Chrome and released an update. A particularly critical vulnerability (CVE-2025-4664) concerns the loader component, which is responsible for loading and processing website content. It allows attackers to access data from other websites via manipulated HTML pages. A corresponding exploit is already in circulation. Another vulnerability concerns the mojo component, which

Google Chrome Update Fixes CVE-2025-4372 & Other Flaws

Google has just rolled out a critical security and feature update for its widely used web browser, Google Chrome, and if you are one of the millions using it daily, this is not the kind of update you should miss. The new version—136.0.7103.113/.114 for Windows and macOS, and 136.0.7103.113 for Linux—started rolling out via the Stable channel on May 14, 2025, and brings with it crucial patches for multiple security vulnerabilities, including the …

Google updates Chrome and stuffs security leaks. For one thing, there is already an exploit, the company explains.

New Chrome Vulnerability Enables Cross-Origin Data Leak Via Loader Referrer Policy - Cybernoz - Cybersecurity News

May 15, 2025Ravie LakshmananBrowser Security / Web Security Google on Wednesday released updates to address four security issues in its Chrome web browser, including one for which it said there exists an exploit in the wild. The high-severity vulnerability, tracked as CVE-2025-4664 (CVSS score: 4.3), has been characterized as a case of insufficient policy enforcement in a component called Loader. “Insufficient policy enforcement in Loader in …

Google Chrome Zero-Day Vulnerability (CVE-2025-4664) Actively Exploited in The Wild

Google has rolled out a fresh Stable Channel update for the Chrome browser across desktop platforms, including Windows, Mac, and Linux. This update elevates Chrome to version 136.0.7103.113/.114 for Windows and Mac, and 136.0.7103.113 for Linux. The deployment will occur gradually over the next few days and weeks, ensuring users worldwide receive the latest enhancements. […] The post Google Chrome Zero-Day Vulnerability (CVE-2025-4664) Actively …

New Chrome Vulnerability Enables Cross-Origin Data Leak via Loader Referrer Policy

Google on Wednesday released updates to address four security issues in its Chrome web browser, including one for which it said there exists an exploit in the wild. The high-severity vulnerability, tracked as CVE-2025-4664 (CVSS score: 4.3), has been characterized as a case of insufficient policy enforcement in a component called Loader. "Insufficient policy enforcement in Loader in Google