Severity by source
AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
Network-delivered via crafted HTML with no auth required (PR:N), but demands active victim navigation (UI:R); impact is UI deception only, so I:L and C/A remain N.
Primary rating from NVD.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
Lifecycle Timeline
4DescriptionNVD
Incorrect security UI in TabStrip in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
AnalysisAI
UI spoofing in Google Chrome's TabStrip component, fixed in version 150.0.7871.47, enables remote attackers to misrepresent browser security indicators through specially crafted HTML pages. The incorrect security UI rendering in the tab strip allows an attacker to deceive users about the true origin or security state of a webpage, creating phishing-enablement risk. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires the victim to actively navigate to a crafted HTML page controlled by the attacker (UI:R), making this entirely dependent on some form of social engineering, malicious advertisement, or link delivery to achieve user interaction. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS 3.1 base score of 4.3 (Medium) with vector AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N correctly characterizes this as a network-reachable, low-complexity flaw requiring no authentication but demanding active user interaction (visiting a crafted page). … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker hosts a crafted HTML page designed to trigger incorrect TabStrip rendering in Chrome, making the browser's tab strip display a trusted domain name or security indicator that does not correspond to the actual loaded resource. A victim who navigates to the attacker's URL - delivered via phishing email or malicious advertisement - sees a spoofed security UI suggesting a trusted site, potentially increasing the likelihood of credential submission or sensitive data entry. … |
| Remediation | The primary remediation is to update Google Chrome to version 150.0.7871.47 or later, as confirmed by the vendor advisory at https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop_0175352312.html. … Detailed patch versions, workarounds, and compensating controls in full report. |
Threat intelligence, references, and detailed analysis are available after sign-in.
Same technique Information Disclosure
View allVendor StatusVendor
SUSE
Severity: Moderate| Product | Status |
|---|---|
| SUSE Package Hub 15 SP7 | Fixed |
| openSUSE Tumbleweed | Fixed |
| SUSE Package Hub 15 SP7 | Affected |
Share
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-40672
GHSA-8xxp-h8m6-wxx9