UI Spoofing Vulnerability in Google Chrome for Mac
CVE-2026-8565

Currently unrated

Key Information:

Vendor: Google
Status: Chrome
Vendor: CVE Published:; 14 May 2026

What is CVE-2026-8565?

A vulnerability in Google Chrome for Mac prior to version 148.0.7778.168 allows an adversary to exploit improper implementation in the Downloads feature. By persuading users to install a malicious Chrome extension, attackers can execute UI spoofing attacks, misleading users and potentially compromising sensitive information. This vulnerability underscores the importance of scrutinizing extensions and keeping software up to date to mitigate risks.

Affected Version(s)

Chrome 148.0.7778.168

References

https://chromereleases.googleblog.com/2026/05/stable-chan...

https://issues.chromium.org/issues/442860473

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 14, 2026
Vulnerability Reserved
May 14, 2026

CVE-2026-8565 Data

JSON