A Google Chrome vulnerability allowing the leak of OAuth codes was added to the Known Exploited Vulnerabilities catalog by the Cybersecurity & Infrastructure Security Agency (CISA) on Thursday.The flaw, tracked as CVE-2025-4664, is due to insufficient policy enforcement in the Google Chrome Loader, Google said Wednesday.The vulnerability was discovered by security researcher Vsevolod Kokorin, who explained on X how an attacker could use the flaw to capture the full query parameters of a referrin...