CVE-2025-12910
CVE-2025-12910
In short
A vulnerability in Google Chrome's Passkeys feature allows local attackers to access sensitive information from debug logs. This could expose authentication details or other confidential data if someone gains access to your computer.
Technical detail
Inappropriate implementation in the Passkeys functionality (CWE-1295: Improper Neutralization of Special Elements) in Chrome versions prior to 140.0.7339.80 permits local attackers to extract potentially sensitive information through debug logs. The attack requires local access to the affected system; impact includes disclosure of information that should not be exposed in logging mechanisms.
Summary generated and translated by AI from the official description.
Inappropriate implementation in Passkeys in Google Chrome prior to 140.0.7339.80 allowed a local attacker to obtain potentially sensitive information via debug logs. (Chromium security severity: Low)
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected products
Google · ChromeWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →