You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve-2025-9866
About this tag
CVE-2025-9866 is a Chromium security vulnerability involving an inappropriate implementation in Extensions that allows a crafted HTML page to bypass Content Security Policy (CSP). Google has released a Chrome stable update to fix the issue, and Microsoft's Chromium-based Edge inherits the same upstream patch. This tag covers discussions on the vulnerability details, affected browsers, and patching guidance for Windows users and administrators.
Google's Chromium project has logged a serious security issue — tracked as CVE-2025-9866 — describing an inappropriate implementation in Extensions that can be weaponized to bypass Content Security Policy (CSP) via a crafted HTML page; Google has issued a Chrome stable update to remediate the...