CVE-2025-11213: 
vulnerability analysis and mitigation

Inappropriate implementation in Omnibox in Google Chrome on Android prior to 141.0.7390.54 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform domain spoofing via a crafted HTML page. This vulnerability was assigned CVE-2025-11213 and was reported by Hafiizh on September 6, 2025 (Chrome Releases).

The vulnerability has been assigned a CVSS score of 6.3 (Medium), with the following characteristics: Network attack vector, Low attack complexity, No privileges required, User interaction required, Unchanged scope, and Low impact on confidentiality, integrity, and availability. The vulnerability was discovered in the Omnibox component of Chrome and received a bounty of $1000 (Rapid7, Ubuntu).

The vulnerability could allow an attacker to perform domain spoofing through a crafted HTML page, potentially misleading users about the website they are visiting. This could lead to phishing attacks or other forms of social engineering by making malicious websites appear legitimate (Debian Security).

The vulnerability has been fixed in Chrome version 141.0.7390.54. Various distributions have released security updates to address this issue. Debian has fixed this in version 141.0.7390.54-1~deb12u1 for bookworm and 141.0.7390.54-1~deb13u1 for trixie. Users are recommended to upgrade their Chrome installations to the latest version (Debian Security Announce).