CVE Catalog

CVE-2026-13982

LowCVSS 3.1
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.19%

9th percentile — higher than 9% of all known CVEs

Summary

In Google Chrome prior to version 150.0.7871.47, an incorrect security UI in the Passwords feature allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page.

Risk Assessment

The organization is at risk of phishing attacks where users may be tricked into revealing sensitive credentials, potentially leading to account and system compromise.

Recommendation

Immediately update Google Chrome to version 150.0.7871.47 or later to remediate this vulnerability.

Original NVD description (English source)

Incorrect security UI in Passwords in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

Vulnerability data from NVD (NIST) · CISA KEV · EPSS