Google · Google Chrome · CVE-2026-3928
**Name of the Vulnerable Software and Affected Versions**
Google Chrome versions prior to 146.0.7680.71
**Description**
A flaw exists in Google Chrome where insufficient policy enforcement in extensions could allow an attacker to perform UI spoofing. Specifically, if a user is tricked into installing a malicious extension, the attacker can manipulate the Chrome extension to perform a user interface spoofing attack.
**Recommendations**
Update Google Chrome to version 146.0.7680.71 or later.