Skip to main content

Google Chrome CVE-2026-14131

| EUVDEUVD-2026-40818 MEDIUM
Improper Input Validation (CWE-20)
2026-06-30 chrome-cve-admin@google.com GHSA-9gwh-j3gj-52pq
5.4
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.4 MEDIUM
AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
vuln.today AI
4.2 MEDIUM

Renderer compromise prerequisite raises AC to H; UI spoofing yields only C:L/I:L with no availability impact and no scope change.

3.1 AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N
4.0 AV:N/AC:H/AT:P/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
SUSE
MEDIUM
qualitative

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
Low
Integrity
Low
Availability
None

Lifecycle Timeline

4
Analysis Generated
Jul 01, 2026 - 18:27 vuln.today
CVSS changed
Jul 01, 2026 - 16:07 NVD
5.4 (MEDIUM)
CVE Published
Jun 30, 2026 - 23:17 nvd
MEDIUM 5.4
CVE Published
Jun 30, 2026 - 23:17 cve.org
UNKNOWN (no severity yet)

DescriptionNVD

Insufficient validation of untrusted input in WebAppInstalls in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)

AnalysisAI

UI spoofing in Google Chrome's WebAppInstalls component (prior to 150.0.7871.47) is reachable only after an attacker has already compromised the Chrome renderer process, making this a chained, post-exploitation capability rather than a standalone entry point. With a compromised renderer, the attacker can serve a crafted HTML page that bypasses insufficient input validation in WebAppInstalls to forge Chrome's native UI - potentially deceiving users into trusting malicious web app install prompts or dialogs. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Exploit separate Chrome renderer RCE vulnerability
Delivery
Gain code execution in sandboxed renderer
Exploit
Serve crafted HTML page from compromised renderer
Execution
Trigger insufficient input validation in WebAppInstalls
Persist
Spoof Chrome-native UI installation dialog
Impact
Deceive user into accepting malicious web app install

Vulnerability AssessmentAI

Exploitation Exploitation requires two distinct preconditions: (1) the attacker must have already achieved code execution within the Chrome renderer process via a separate vulnerability - this is the primary and highest barrier to exploitation; (2) the target user must perform active interaction (UI:R), visiting a crafted HTML page served by the compromised renderer. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment Multiple signals converge on a low real-world priority despite the 5.4 CVSS Medium score. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker first exploits a separate, higher-severity Chrome renderer vulnerability to gain code execution within the sandboxed renderer process. From that compromised renderer, they deliver a crafted HTML page that feeds malicious input into Chrome's WebAppInstalls UI flow, causing Chrome to display a spoofed installation dialog that appears to originate from a trusted source - potentially tricking a user into granting permissions or installing a malicious web app. …
Remediation Upgrade Google Chrome to version 150.0.7871.47 or later; this is confirmed as the vendor-released patched build per the Stable channel advisory at https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop_0175352312.html. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

Vendor StatusVendor

SUSE

Severity: Moderate
Product Status
SUSE Package Hub 15 SP7 Fixed
openSUSE Tumbleweed Fixed
SUSE Package Hub 15 SP7 Affected

Share

CVE-2026-14131 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy