CVE-2026-13982
LowCVSS 3.1Exploitation Probability (EPSS)
Low risk9th percentile — higher than 9% of all known CVEs
Summary
In Google Chrome prior to version 150.0.7871.47, an incorrect security UI in the Passwords feature allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page.
Risk Assessment
The organization is at risk of phishing attacks where users may be tricked into revealing sensitive credentials, potentially leading to account and system compromise.
Recommendation
Immediately update Google Chrome to version 150.0.7871.47 or later to remediate this vulnerability.
Original NVD description (English source)
Incorrect security UI in Passwords in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

