VYPR
Medium severity5.4NVD Advisory· Published Jun 24, 2025· Updated Jun 17, 2026

CVE-2025-6556

CVE-2025-6556

Description

Insufficient policy enforcement in Loader in Google Chrome prior to 138.0.7204.49 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Low)

Affected products

11

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.