Security Advisory

CVE-2026-3928

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-03-11 22:04:10

Last updated 2026-03-14 02:53:42

Assigner Chrome

State PUBLISHED

Description

Insufficient policy enforcement in Extensions in Google Chrome prior to 146.0.7680.71 allowed an attacker who convinced a user to install a malicious extension to perform UI spoofing via a crafted Chrome Extension. (Chromium security severity: Medium)

← Browse all CVEs View on cve.org ↗