Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
Google Chrome: Malicious downloads can spoof Chrome's UI
CVE-2026-5897
Summary
Prior versions of Google Chrome had a security weakness that could be exploited by a malicious website to trick users into performing unintended actions. This issue has been fixed in version 147.0.7727.55 and later. Users should update to the latest version of Chrome to ensure they are protected.
Original title
Incorrect security UI in Downloads in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML...
Original description
Incorrect security UI in Downloads in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)
Published: 8 Apr 2026 · Updated: 10 Apr 2026 · First seen: 8 Apr 2026