Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
Incorrect security UI in WebAppInstalls in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
DEBIAN-CVE-2026-3935
Summary
Incorrect security UI in WebAppInstalls in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
What to do
- Update debian chromium to version 146.0.7680.71-1~deb12u1.
- Update debian chromium to version 146.0.7680.71-1~deb13u1.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| debian | chromium | All versions | – |
| debian | chromium | <= 146.0.7680.71-1~deb12u1 | 146.0.7680.71-1~deb12u1 |
| debian | chromium | <= 146.0.7680.71-1~deb13u1 | 146.0.7680.71-1~deb13u1 |
| debian | chromium | All versions | – |
Original title
Incorrect security UI in WebAppInstalls in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
Original description
Incorrect security UI in WebAppInstalls in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
- https://security-tracker.debian.org/tracker/CVE-2026-3935 Vendor Advisory
Published: 11 Mar 2026 · Updated: 14 Mar 2026 · First seen: 14 Mar 2026