top of page
perceptive_background_267k.jpg

Incorrect security UI in Digital Credentials in Google Chrome prior to 144.0.7559.59 allowed a remote attacker to perform domain spoofing via a crafted HTML pag…

Published:

19 January 2026 at 23:00:00

Alert date:

20 January 2026 at 16:03:12

Source:

nvd.nist.gov

Click to open the original link from this advisory

Web Technologies

A security vulnerability in Google Chrome's Digital Credentials feature prior to version 144.0.7559.59 allows remote attackers to perform domain spoofing attacks. The vulnerability stems from incorrect security UI implementation that can be exploited through crafted HTML pages. Chromium has classified this as a medium severity issue. The vulnerability enables attackers to potentially deceive users by spoofing legitimate domains through malicious web pages. This affects Chrome users who have not updated to version 144.0.7559.59 or later.

Technical details

Mitigation steps:

Affected products:

Google Chrome

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2026-0904
https://chromereleases.googleblog.com/2026/01/stable-channel-update-for-desktop_13.html
https://issues.chromium.org/issues/452209495

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Disclaimer: Deze website toont informatie afkomstig van externe bronnen. Perceptive aanvaardt geen verantwoordelijkheid voor de inhoud, juistheid of volledigheid van deze informatie.

bottom of page