GHSA-hpg9-wr8w-wg43 · Severity: unknown — Incorrect security UI in UI in Google Chrome on Android prior to 150.0.7871.47 allowed a remote...
Incorrect security UI in UI in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to perform domain spoofing via a crafted HTML page. (Chromium security severity: Low)
Conclusion & alert: CVE-2026-14126 is rated Risk Under Review. Mandatory action: Scoring and exploitation signals are still pending—keep following this page for CVSS or EPSS updates, then reassess remediation priority once scores appear.
Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.
EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).
EPSS has not published a score for this CVE yet—common while NVD analysis or FIRST scoring is still pending. Monitor daily updates and reassess once scores appear.
CVSS metrics for this CVE.
No CVSS data in dataset for this CVE.
GHSA-hpg9-wr8w-wg43 · Severity: unknown — Incorrect security UI in UI in Google Chrome on Android prior to 150.0.7871.47 allowed a remote...
| vendor | priority | summary | link |
|---|---|---|---|
debian
|
end-of-life | CVE-2026-14126 end-of-life priority: Debian including 1 source packages (chromium), 5 status rows across 5 suites (bookworm, bullseye, forky, sid, trixie): open 5. | https://security-tracker.debian.org/tracker/CVE-2026-14126 |
| Vendor | Product | Version | Raw CPE |
|---|---|---|---|
| No affected products in dataset. | |||