CVE Catalog
CVE-2026-14077
MediumCVSS 4.3Exploitation Probability (EPSS)
Low risk0.17%
7th percentile — higher than 7% of all known CVEs
Summary
A vulnerability in Google Chrome on Mac prior to version 150.0.7871.47 allowed a remote attacker to spoof the Omnibox (URL bar) contents via a crafted HTML page. The issue stems from an inappropriate implementation of the Select function.
Risk Assessment
An attacker can deceive users by displaying a fake URL, facilitating phishing or social engineering attacks.
Recommendation
Immediately update Google Chrome on Mac systems to version 150.0.7871.47 or later.
Original NVD description (English source)
Inappropriate implementation in Select in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Low)

