CVE-2026-14020
ADVISORY - debianSummary
Insufficient validation of untrusted input in WebXR in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
- chromium [bullseye] - chromium (see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061268)
Common Weakness Enumeration (CWE)
Sign in to Docker Scout
See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.
Sign in