CVE-2025-12909 | Google Chrome up to 139.0.7258.154 Devtools cross-domain policy (ID 361116)

A vulnerability classified as problematic was found in Google Chrome. The affected element is an unknown function of the component Devtools. The manipulation results in permissive cross-domain policy with untrusted domains.

This vulnerability is known as CVE-2025-12909. It is possible to launch the attack remotely. No exploit is available.

Upgrading the affected component is advised.VulDB Recent EntriesRead More