PT-2025-21205 · Google · Google Chrome

Published: 2025-05-05 · Updated: 2025-12-08 · CVE-2025-4664

CVSS v2.0: 5.0 (Medium), AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions

Chromium versions prior to 136.0.7103.113

Description

A high-severity vulnerability in Chromium allows remote attackers to leak cross-origin data via crafted HTML pages, potentially leading to full account takeover. The vulnerability is caused by insufficient policy enforcement in the Loader component. It is being actively exploited in the wild, and users are urged to update their browsers immediately.

Recommendations

To resolve the issue, update Chromium to version 136.0.7103.113 or later. As a temporary workaround, consider restricting access to the vulnerable Loader component until a patch is available. Avoid using Chromium until the update is applied, as the vulnerability can be exploited by visiting a malicious website.

Exploit

Fix

Weakness Enumeration

Origin Validation Error

Related Identifiers

ALT-PU-2025-6902
BDU:2025-05679
CVE-2025-4664
DSA-5920-1
MGASA-2025-0159
OPENSUSE-SU-2025:15143-1

Affected Products

Alt Linux
Astra Linux
Debian
Google Chrome
Red Os