CVE-2025-1566
HIGHDescription
DNS Leak in Native System VPN in Google ChromeOS Dev Channel on ChromeOS 16002.23.0 allows network observers to expose plaintext DNS queries via failure to properly tunnel DNS traffic during VPN state transitions.
Is your site exposed to CVE-2025-1566?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| chrome_os |
References
Frequently Asked Questions
What is CVE-2025-1566? +
How severe is CVE-2025-1566? +
What products are affected by CVE-2025-1566? +
How do I check if I'm vulnerable to CVE-2025-1566? +
Related Vulnerabilities
On-Chip Debug and Test Interface With Improper Access Control and Improper Protection against Electromagnetic Fault Injection (EM-FI) in Nordic Semiconductor …
An issue in Open Quantum Safe liboqs v.10.0 allows a remote attacker to escalate privileges via the crypto_sign_signature parameter in …
Glitch detection is not enabled by default for the CortexM33 core in Silicon Labs secure vault high parts EFx32xG2xB, except …
In Package Manager, there is a possible device lock controller bypass due to a missing permission check. This could lead …
Sandbox escape in the JavaScript Task feature of Google Cloud Application Integration allows an actor to execute arbitrary unsandboxed code …
An attacker in the wifi vicinity of a target Google Home can spy on the victim, resulting in Elevation of …