VDB

ANCHORE-2026-2318

ANCHORE-2026-2318 PUBLISHED

Inappropriate implementation in PictureInPicture in Google Chrome prior to 145.0.7632.45 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

Affected Products

VendorProductVersions
GoogleChrome0, 0, 0

Timeline

  • Feb 11, 2026 CVE Published
  • Feb 12, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›