Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
Google Chrome Browser: Compromised Renderer Process Can Spoof URL Bar
DEBIAN-CVE-2026-5880
Summary
A security flaw in older versions of Google Chrome allows a hacker who has already taken control of your browser to trick you into thinking you're visiting a different website. This could potentially lead to the theft of sensitive information or the installation of malware. Update your Chrome browser to the latest version to fix this issue.
What to do
- Update debian chromium to version 147.0.7727.55-1~deb12u1.
- Update debian chromium to version 147.0.7727.55-1~deb13u1.
- Update debian chromium to version 147.0.7727.55-1.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| debian | chromium | All versions | – |
| debian | chromium | <= 147.0.7727.55-1~deb12u1 | 147.0.7727.55-1~deb12u1 |
| debian | chromium | <= 147.0.7727.55-1~deb13u1 | 147.0.7727.55-1~deb13u1 |
| debian | chromium | <= 147.0.7727.55-1 | 147.0.7727.55-1 |
Original title
Insufficient policy enforcement in browser UI in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to spoof the contents of the Omnibox (URL ba...
Original description
Insufficient policy enforcement in browser UI in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Medium)
- https://security-tracker.debian.org/tracker/CVE-2026-5880 Vendor Advisory
Published: 8 Apr 2026 · Updated: 12 Apr 2026 · First seen: 12 Apr 2026