Primary

Context

Google Chrome Incorrect Security UI in Downloads Allowing UI Spoofing Vulnerability

Vulnerability

Patched

A vulnerability exists in Google Chrome on Android and Mac, prior to version 148.0.7778.168, that allows remote attackers to perform UI spoofing in the Downloads section. This issue is due to incorrect security user interface management, which can be exploited through a specially crafted HTML page.

Impact

Exploitation of this vulnerability could lead to UI spoofing, where an attacker manipulates the user interface to mislead users or create a false impression of the application or its content.

Remediation

Users can update to Google Chrome version 148.0.7778.168 or later to address this vulnerability.

Added: May 14, 2026, 8:39 PM

Updated: May 14, 2026, 8:39 PM

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

0.6

exploitability

3.8

remediation

7.7

relevance

8.3

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

0.6

exploitability

3.8

remediation

7.7

relevance

8.3

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Google Chrome Incorrect Security UI in Downloads Allowing UI Spoofing Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Google Chrome

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating