CVE Catalog
CVE-2026-14381
MediumCVSS 6.5Exploitation Probability (EPSS)
Low risk0.21%
11th percentile — higher than 11% of all known CVEs
Summary
A vulnerability in the WebAppInstalls component of Google Chrome prior to 150.0.7871.46 allowed a remote attacker to perform UI spoofing via a crafted HTML page. The issue stems from incorrect security UI handling.
Risk Assessment
An attacker can spoof the trusted web app installation interface, potentially leading to fraud or data theft from the user.
Recommendation
Update Google Chrome to version 150.0.7871.46 or later immediately.
Original NVD description (English source)
Incorrect security UI in WebAppInstalls in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

