UI Spoofing Vulnerability in Google Chrome on Windows
CVE-2026-14138
Currently unrated
What is CVE-2026-14138?
A vulnerability has been identified in Google Chrome for Windows, specifically affecting versions before 150.0.7871.47. This flaw lies within the WebAppInstalls component and enables a remote attacker to execute UI spoofing attacks. By persuading users to interact with fabricated UI elements on a maliciously crafted HTML page, an attacker could deceive users into believing they are engaging with legitimate content. This vulnerability emphasizes the importance of user vigilance and the need for robust browser security measures.
Affected Version(s)
Chrome 150.0.7871.47