UI Spoofing Vulnerability in Google Chrome Extensions
CVE-2026-14142

Currently unrated

Key Information:

Vendor

Google

Status
Vendor
CVE Published:
30 June 2026

What is CVE-2026-14142?

A vulnerability in Google Chrome's Extensions mechanism allows a remote attacker to impersonate legitimate UI components. By exploiting this flaw via a specially crafted HTML page, an attacker who has compromised the renderer process can mislead users into interacting with what appears to be genuine interface elements. This could result in unintended actions by users, potentially leading to data exposure or further system compromise.

Affected Version(s)

Chrome 150.0.7871.47

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.