CVE-2025-5009

LOW

Google Gemini iOS - Unauthorized Exposure of Private Conversation History via Public Link Sharing

Title source: llm

Description

In Gemini iOS, when a user shared a snippet of a conversation, it would share the entire conversation via a sharable public link that contained the entire conversation history and not just the snippet.

References (1)

Core 1

Core References

Various Sources

https://medium.com/@warisjeet31/google-gemini-ios-vulnerability-public-link-sharing-silently-leaks-entire-conversations-e1f80cbea25c

Scores

CVSS v4 1.0

EPSS 0.0012

EPSS Percentile 2.3%

CVSS:4.0/AV:A/AC:L/AT:P/PR:H/UI:A/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact partial

Details

CWE

CWE-359

Status published

Products (1)

Google/Gemini

Published Oct 08, 2025

Tracked Since Feb 18, 2026