- Google Chrome's unique handling of the referrer policy creates a major loophole for silent data siphoning
- CVE-2025-4664 proves that even trusted browsers are not immune to catastrophic zero-day vulnerabilities
- Cross-origin data is up for grabs if you have not updated Chrome or Chromium
A newly discovered zero-day vulnerability affecting both Windows and Linux systems could put billions of Google Chrome and Chromium users at serious risk of data theft, experts have warned.
Wazuh researchers say this flaw, tracked as CVE-2025-4664, has already drawn urgent attention because it can disclose sensitive cross-origin data such as OAuth tokens and session identifiers without any user interaction.
The flaw, identified in the Loader component of Chrome and Chromium, concerns how these browsers handle the HTTP Link header on subresource requests such as images or scripts.
Chrome opening the door to data leaks
Unlike other mainstream browsers, Chrome honors the referrer-policy directive in the Link header, even on subresources.
This behavior lets a malicious site inject a lax policy such as unsafe-url, which leaks the full referring URL, including any sensitive data it carries, to third-party domains.
This kind of exploit bypasses conventional browser defenses and directly undermines common security assumptions in web infrastructure.
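To make the mechanism concrete from a defender's side, here is an added Python example (not code from the article or from Wazuh) that parses a constructed Link header, flags any subresource link carrying the lax `unsafe-url` referrer policy (the Referrer Policy specification's name for the value that sends the full URL everywhere), and shows what Referer value a simplified browser model would send under that policy versus Chrome's default `strict-origin-when-cross-origin`. The sample header and URLs are constructed; the referrer model omits HTTPS-to-HTTP downgrade handling.

```python
import re
from urllib.parse import urlsplit

# Constructed sample: a Link header of the shape the article describes, naming a
# third-party image subresource and attaching a lax referrer-policy parameter.
SAMPLE_LINK_HEADER = (
    '<https://third-party.example/pixel.png>; rel=preload; as=image; '
    'referrer-policy=unsafe-url'
)

def parse_link_header(value):
    """Parse an HTTP Link header (RFC 8288) into a list of (target, params)."""
    links = []
    for part in re.split(r',\s*(?=<)', value):
        m = re.match(r'\s*<([^>]+)>\s*(.*)', part)
        if not m:
            continue
        target, rest = m.group(1), m.group(2)
        params = {}
        for p in rest.split(';'):
            p = p.strip()
            if '=' not in p:
                continue
            k, v = p.split('=', 1)
            params[k.strip().lower()] = v.strip().strip('"').lower()
        links.append((target, params))
    return links

def referrer_for(policy, page_url, request_url):
    """Referer a browser would send for request_url from page_url (simplified)."""
    page, req = urlsplit(page_url), urlsplit(request_url)
    origin_only = f"{page.scheme}://{page.netloc}/"
    same_origin = (page.scheme, page.netloc) == (req.scheme, req.netloc)
    if policy == "unsafe-url":
        return page_url          # full URL, query string included, to any origin
    if policy == "no-referrer":
        return ""
    # Chrome's default, strict-origin-when-cross-origin: full URL only to the
    # same origin, bare origin to everyone else (downgrade handling omitted).
    return page_url if same_origin else origin_only

def lax_referrer_targets(link_header):
    """Targets whose Link params request the full-URL-leaking policy; a response
    header scanner (proxy, WAF, log pipeline) can alert on a non-empty result."""
    return [t for t, p in parse_link_header(link_header)
            if p.get("referrer-policy") == "unsafe-url"]
```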
Wazuh says it can detect and mitigate the flaw via its Wazuh Vulnerability Detection module, which uses data from its Cyber Threat Intelligence (CTI) service to monitor software versions and raise alerts when vulnerable packages are found.
In a lab environment set up with the Wazuh OVA 4.12.0, security researchers demonstrated how endpoints running Windows 11 and Debian 11 could be scanned to identify whether they were running vulnerable versions of Chrome or Chromium.
In the Wazuh dashboard, users are advised to add a CVE-2025-4664 query to quickly isolate the impacted systems; the module updates the vulnerability status from "active" to "resolved" once the mitigation steps have been verified.
Google has released an emergency fix addressing the issue on Windows and Gentoo Linux systems. Users on those platforms are advised to update their browsers immediately.
For Chromium users on Debian 11, all versions up to 120.0.6099.224 remain vulnerable and no updated package has been published yet. Users are encouraged to uninstall the browser until a fixed version is available.
Despite these rapid actions, the broader concern remains: how can users and businesses reliably protect themselves against browser-based zero-day exploits?
Applying patches is essential, but relying on browser updates alone can leave significant gaps. For that reason, it is recommended to use endpoint protection platforms, along with anti-malware and antivirus solutions, to stay safe.
These tools provide layers of protection that go beyond browser vulnerabilities, offering real-time detection and containment of exploitation attempts.