PT-2025-35827 · Linkedin · Linkedin Mobile Application For Android
Aiman Al Hadhrami
·
Published
2025-09-03
·
Updated
2025-09-08
·
CVE-2025-56139
CVSS v3.1
5.3
Medium
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
Name of the Vulnerable Software and Affected Versions
LinkedIn Mobile Application for Android version 4.1.1087.2
Description
The LinkedIn Mobile Application for Android version 4.1.1087.2 does not update link preview metadata (image, title, description) when a user replaces the original URL in a post or comment before publishing. This results in the display of stale preview information while the link directs to a different URL, potentially malicious. This UI misrepresentation can be used to deceive users with trusted previews for harmful links, enabling phishing attacks and causing user confusion.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Linkedin Mobile Application For Android