UI Spoofing Vulnerability in Google Chrome for Windows
CVE-2024-7021

Currently unrated

Key Information:

Vendor: Google
Status: Chrome
Vendor: CVE Published:; 14 November 2025

What is CVE-2024-7021?

A vulnerability exists in the Autofill feature of Google Chrome for Windows that allows remote attackers to conduct UI spoofing by leveraging a crafted HTML page. This could lead users to believe they are interacting with legitimate dialog boxes or pop-ups, potentially compromising sensitive information.

Affected Version(s)

Chrome 124.0.6367.60

References

https://chromereleases.googleblog.com/2024/04/stable-chan...

https://issues.chromium.org/issues/40064701

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 14, 2025
Vulnerability Reserved
Jul 23, 2024

JSON