CVE-2026-14114
HighCVSS 7.5Exploitation Probability (EPSS)
Low risk1th percentile — higher than 1% of all known CVEs
Summary
An inappropriate implementation in WebAppInstalls in Google Chrome on Android prior to version 150.0.7871.47 allowed a local attacker to perform UI spoofing via a malicious file. This issue is rated as Low severity by the Chromium security team.
Risk Assessment
A local attacker could spoof the trusted web app installation interface, potentially tricking the user into performing unintended actions.
Recommendation
Update Google Chrome on Android to version 150.0.7871.47 or later, which includes a fix for this vulnerability.
Original NVD description (English source)
Inappropriate implementation in WebAppInstalls in Google Chrome on Android prior to 150.0.7871.47 allowed a local attacker to perform UI spoofing via a malicious file. (Chromium security severity: Low)

