Security Advisory

CVE-2026-3942

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-03-11 22:04:17

Last updated 2026-03-12 14:33:33

Assigner Chrome

State PUBLISHED

Description

Incorrect security UI in PictureInPicture in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)

← Browse all CVEs View on cve.org ↗