New Chrome Vulnerability Enables Cross-Origin Data Leak via Loader Referrer Policy

Source: The Hacker News
Published: 2025-05-15 06:15
Fetched: 2025-05-15 06:43

Summary

Google has issued updates to patch four security vulnerabilities in its Chrome browser, including a high-severity flaw known as CVE-2025-4664. This vulnerability, which has a CVSS score of 4.3, involves insufficient policy enforcement in the Loader component, potentially allowing cross-origin data leaks. The flaw is particularly concerning because an exploit is already active in the wild, posing a risk to user data security. Google urges users to update their browsers immediately to mitigate potential threats. This incident underscores the importance of timely security updates and robust policy enforcement to protect against emerging cyber threats.

Content

Google on Wednesday released updates to address four security issues in its Chrome web browser, including one for which it said there exists an exploit in the wild. The high-severity vulnerability, tracked as CVE-2025-4664 (CVSS score: 4.3), has been characterized as a case of insufficient policy enforcement in a component called Loader. "Insufficient policy enforcement in Loader in Google