top of page
perceptive_background_267k.jpg

Incorrect security UI in Google Chrome on Android prior to 144.0.7559.59 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted…

Published:

19 januari 2026 om 23:00:00

Alert date:

20 januari 2026 om 16:03:12

Source:

nvd.nist.gov

Click to open the original link from this advisory

Mobile & IoT, Web Technologies

A security vulnerability in Google Chrome on Android prior to version 144.0.7559.59 allows remote attackers to spoof the contents of the Omnibox (URL bar) through crafted HTML pages. The vulnerability is classified as incorrect security UI implementation. Despite being rated as low severity by Chromium, this type of UI spoofing attack can be used for phishing and social engineering attacks by making malicious websites appear legitimate to users. The vulnerability affects the browser's security indicators, potentially compromising user trust and security decisions.

Technical details

Mitigation steps:

Affected products:

Google Chrome on Android

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2026-0906
https://chromereleases.googleblog.com/2026/01/stable-channel-update-for-desktop_13.html
https://issues.chromium.org/issues/467448811

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Deze website toont informatie afkomstig van externe bronnen; Perceptive aanvaardt geen verantwoordelijkheid voor de juistheid, volledigheid of actualiteit van deze informatie.

bottom of page