Google Chrome UI Spoofing via Malicious HTML Page

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

Google Chrome UI Spoofing via Malicious HTML Page

DEBIAN-CVE-2026-5878

Summary

Google Chrome users may be tricked into entering sensitive information on a fake website. This happens when a hacker creates a website that looks like a legitimate one, but is actually a fake. Users should update their Chrome browser to the latest version to stay safe.

What to do

Update debian chromium to version 147.0.7727.55-1~deb12u1.
Update debian chromium to version 147.0.7727.55-1~deb13u1.
Update debian chromium to version 147.0.7727.55-1.

Affected software

Vendor	Product	Affected versions	Fix available
debian	chromium	All versions	–
debian	chromium	<= 147.0.7727.55-1~deb12u1	147.0.7727.55-1~deb12u1
debian	chromium	<= 147.0.7727.55-1~deb13u1	147.0.7727.55-1~deb13u1
debian	chromium	<= 147.0.7727.55-1	147.0.7727.55-1

Original title

Incorrect security UI in Blink in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

Original description

Incorrect security UI in Blink in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

https://security-tracker.debian.org/tracker/CVE-2026-5878 Vendor Advisory

Published: 8 Apr 2026 · Updated: 12 Apr 2026 · First seen: 12 Apr 2026