High severityNVD Advisory· Published Aug 14, 2025· Updated Apr 15, 2026

CVE-2025-27388

Description

Loading arbitrary external URLs through WebView components introduces malicious JS code that can steal arbitrary user tokens.

No patches discovered yet.

AI mechanics synthesis has not run for this CVE yet.

No linked articles in our index yet.