CVE-2026-14142
MEDIUMDescription
Inappropriate implementation in Extensions in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)
CVSS v3.1 Score
EPSS — Exploit Prediction
EPSS estimates the probability that this vulnerability will be exploited in the wild within the next 30 days. A higher score means more likely to be exploited.
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| chrome |
References
Frequently Asked Questions
What is CVE-2026-14142? +
How severe is CVE-2026-14142? +
What products are affected by CVE-2026-14142? +
How do I check if I'm vulnerable to CVE-2026-14142? +
Related Vulnerabilities
Cross-Frame Scripting (XFS) vulnerability in BoomCMS v9.1.4 from UXB London. XFS is a web attack technique that exploits specific browser …
The web application is vulnerable to a so-called ‘clickjacking’ attack. In this type of attack, the vulnerable page is inserted …
A Clickjacking vulnerability in TP-Link Archer C1200 web management page allows an attacker to trick users into performing unintended actions …
Opening an external link to an HTTP website when Firefox iOS was previously closed and had an HTTPS tab open …
A select option could partially obscure security prompts. This could be used by a malicious site to trick a user …
LB-LINK BL-W1210M v2.0 was discovered to contain a clickjacking vulnerability via the Administrator login page. Attackers can cause victim users …