CVE Catalog

CVE-2026-14077

MediumCVSS 4.3
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.17%

7th percentile — higher than 7% of all known CVEs

Summary

A vulnerability in Google Chrome on Mac prior to version 150.0.7871.47 allowed a remote attacker to spoof the Omnibox (URL bar) contents via a crafted HTML page. The issue stems from an inappropriate implementation of the Select function.

Risk Assessment

An attacker can deceive users by displaying a fake URL, facilitating phishing or social engineering attacks.

Recommendation

Immediately update Google Chrome on Mac systems to version 150.0.7871.47 or later.

Original NVD description (English source)

Inappropriate implementation in Select in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Low)

Vulnerability data from NVD (NIST) · CISA KEV · EPSS