CVE Catalog

CVE-2026-13942

LowCVSS 3.3
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.09%

1th percentile — higher than 1% of all known CVEs

Summary

Inappropriate implementation in Video Capture in Google Chrome on ChromeOS prior to 150.0.7871.47 allowed a local attacker to perform UI spoofing via a crafted HTML page.

Risk Assessment

The risk involves a local attacker tricking the user, potentially leading to data theft or unauthorized actions within the browser context.

Recommendation

It is recommended to immediately update Google Chrome on ChromeOS to version 150.0.7871.47 or later.

Original NVD description (English source)

Inappropriate implementation in Video Capture in Google Chrome on ChromeOS prior to 150.0.7871.47 allowed a local attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

Vulnerability data from NVD (NIST) · CISA KEV · EPSS