UI Spoofing Vulnerability in Google Chrome on Windows
CVE-2026-14138

Currently unrated

Key Information:

Vendor

Google

Status
Vendor
CVE Published:
30 June 2026

What is CVE-2026-14138?

A vulnerability has been identified in Google Chrome for Windows, specifically affecting versions before 150.0.7871.47. This flaw lies within the WebAppInstalls component and enables a remote attacker to execute UI spoofing attacks. By persuading users to interact with fabricated UI elements on a maliciously crafted HTML page, an attacker could deceive users into believing they are engaging with legitimate content. This vulnerability emphasizes the importance of user vigilance and the need for robust browser security measures.

Affected Version(s)

Chrome 150.0.7871.47

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.