Google Chrome on Android Displays Fake Downloads Page

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

Google Chrome on Android Displays Fake Downloads Page

CVE-2026-3937

Summary

Malicious websites can show fake download pages in Google Chrome on Android devices, potentially tricking users into installing malware or entering sensitive information. This affects Google Chrome versions prior to 146.0.7680.71 on Android. Update your Chrome app to the latest version to fix this issue.

Original title

Incorrect security UI in Downloads in Google Chrome on Android prior to 146.0.7680.71 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)

Original description

Incorrect security UI in Downloads in Google Chrome on Android prior to 146.0.7680.71 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)

https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_...
https://issues.chromium.org/issues/473118648

Published: 11 Mar 2026 · Updated: 13 Mar 2026 · First seen: 11 Mar 2026