Debug Messages Revealing Unnecessary Information

CVE-2025-12910

Medium

6.2/10

Summary

Inappropriate implementation in Passkeys in Google Chrome prior to 140.0.7339.80 allowed a local attacker to obtain potentially sensitive information via debug logs.

Attack Complexity: LOW
Attack Vector: LOCAL
Integrity Impact: NONE
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: NONE
Confidentiality Impact: HIGH
Availability Impact: NONE

CWE-1295 - Debug Messages Revealing Unnecessary Information

The product fails to adequately prevent the revealing of unnecessary and potentially sensitive system information within debugging messages.

References

Advisory
Advisory
Issue

Advisory Timeline

Published Nov 08, 2025

Debug Messages Revealing Unnecessary Information

CVE-2025-12910

Summary

CWE-1295 - Debug Messages Revealing Unnecessary Information

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS