VDB
ANCHORE-2026-2318
ANCHORE-2026-2318
PUBLISHED
Inappropriate implementation in PictureInPicture in Google Chrome prior to 145.0.7632.45 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Chrome | 0, 0, 0 |
Timeline
- Feb 11, 2026 CVE Published
- Feb 12, 2026 CVE Updated