UI Spoofing Vulnerability in Google Chrome for Android and Mac
CVE-2026-8564

Currently unrated

Key Information:

Vendor: Google
Status: Chrome
Vendor: CVE Published:; 14 May 2026

What is CVE-2026-8564?

An issue in the security user interface of Downloads within Google Chrome for both Android and Mac versions prior to 148.0.7778.168 enables remote attackers to execute UI spoofing attacks through specially crafted HTML pages. This vulnerability can mislead users into believing they are interacting with legitimate interfaces, potentially compromising user data and security.

Affected Version(s)

Chrome 148.0.7778.168

References

https://chromereleases.googleblog.com/2026/05/stable-chan...

https://issues.chromium.org/issues/418273622

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 14, 2026
Vulnerability Reserved
May 14, 2026

CVE-2026-8564 Data

JSON