PT-2026-24876 · Google+1 · Google Chrome+1

Portsniffer443

Publicado

2025-08-03

Atualizado

2026-05-15

CVE-2026-3928

CVSS v2.0

7.5

Alta

Vetor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 146.0.7680.71

Description A flaw exists in Google Chrome where insufficient policy enforcement in extensions could allow an attacker to perform UI spoofing. Specifically, if a user is tricked into installing a malicious extension, the attacker can manipulate the Chrome extension to perform a user interface spoofing attack.

Recommendations Update Google Chrome to version 146.0.7680.71 or later.

Correção

UI Misrepresentation of Critical Information

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-451

Identificadores relacionados

BDU:2026-05745

CVE-2026-3928

OPENSUSE-SU-2026:10376-1

OPENSUSE-SU-2026:20372-1

Produtos afetados

Google Chrome

Red Os

PT-2026-24876 · Google+1 · Google Chrome+1

CVE-2026-3928

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 55