4.8

CVE-2026-14154

Inappropriate implementation in DevTools in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to perform UI spoofing via a crafted Chrome Extension. (Chromium security severity: Low)
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
GoogleChrome Version < 150.0.7871.46
   ApplemacOS Version-
   LinuxLinux Kernel Version-
   MicrosoftWindows Version-
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.13% 0.029
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
134c704f-9b21-4f2e-91b3-4a467353bcc0 4.8 2.2 2.5
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
CWE-451 User Interface (UI) Misrepresentation of Critical Information

The user interface (UI) does not properly represent critical information to the user, allowing the information - or its source - to be obscured or spoofed. This is often a component in phishing attacks.

https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop_0175352312.html
Vendor Advisory
https://issues.chromium.org/issues/517741170
Permissions Required