Severity by source
AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
Primary rating from NVD.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
Lifecycle Timeline
4DescriptionCVE.org
Inappropriate implementation in File Input in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)
AnalysisAI
UI spoofing in Google Chrome's File Input component allows remote unauthenticated attackers to misrepresent interface elements when a user is socially engineered into performing specific UI gestures on a crafted HTML page. Affected versions are all Chrome releases prior to 149.0.7827.53. The vulnerability carries a Chromium-assigned severity of Low and is limited to integrity impact (I:L) with no confidentiality or availability consequences. No public exploit code exists and no active exploitation is confirmed at time of analysis.
Technical ContextAI
CWE-451 (User Interface Misrepresentation of Critical Information) describes the root cause: the browser fails to accurately represent security-relevant state to the user through its UI. Specifically, the affected component is the HTML File Input element (<input type='file'>), which handles file selection dialogs and associated UI rendering. An inappropriate implementation in this component allows a crafted HTML page to influence how file-related UI elements are rendered or labeled, enabling an attacker to spoof what the user perceives as a trusted or benign file dialog interaction. This class of vulnerability is particularly relevant in browser contexts because users rely on accurate file picker UI to make security decisions about what data they share.
RemediationAI
Update Google Chrome to version 149.0.7827.53 or later via the stable channel desktop update. The patch is confirmed available per Google's Chrome Releases advisory at https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop.html. Most Chrome installations with auto-update enabled will receive this patch automatically. For enterprise environments managing Chrome via policy, deploy the update through your endpoint management tooling. Given the low severity and requirement for active user UI interaction, no emergency workaround is needed for most organizations; standard patch cadence is appropriate. There are no known workarounds beyond updating, as the underlying implementation flaw is in the browser's File Input rendering logic.
Same technique Information Disclosure
View allVendor StatusVendor
SUSE
Severity: Medium| Product | Status |
|---|---|
| openSUSE Tumbleweed | Fixed |
Share
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-34689
GHSA-jgp7-m5h4-gf5p