Medium severity5.4NVD Advisory· Published Sep 3, 2025· Updated Jun 17, 2026
CVE-2025-9867
CVE-2025-9867
Description
Inappropriate implementation in Downloads in Google Chrome on Android prior to 140.0.7339.80 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
Affected products
3Patches
Vulnerability mechanics
References
2- chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop.htmlnvdRelease Notes
- issues.chromium.org/issues/415496161nvdIssue TrackingPermissions Required
News mentions
0No linked articles in our index yet.