Weaknesses of type CWE-451
231 resultsCVE-2026-20732LOWBIG-IP Configuration utility vulnerabilityEPSS 0.2%CVE-2026-5897MEDIUMIncorrect security UI in Downloads in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who convinced a user to engage in speciEPSS 0.2%CVE-2026-11294MEDIUMInappropriate implementation in Passwords in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a craEPSS 0.2%CVE-2026-11228MEDIUMInappropriate implementation in File Input in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage EPSS 0.2%CVE-2026-11286MEDIUMInsufficient validation of untrusted input in Wallet in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised tEPSS 0.2%CVE-2026-11300MEDIUMInappropriate implementation in Permissions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a cEPSS 0.2%CVE-2026-5898MEDIUMIncorrect security UI in Omnibox in Google Chrome on iOS prior to 147.0.7727.55 allowed a remote attacker to perform UI spoofing via a craftEPSS 0.2%CVE-2026-2032MEDIUMInterrupted page loads in new tabs could allow website spoofing under trusted domains in Firefox iOSEPSS 0.1%CVE-2026-11216MEDIUMIncorrect security UI in File Input in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specEPSS 0.1%CVE-2025-14020MEDIUMLINE client for Android versions prior to 14.20 contains a UI spoofing vulnerability in the in-app browser where the full-screen security ToEPSS 0.1%CVE-2025-46394LOWIn tar in BusyBox through 1.37.0, a TAR archive can have filenames hidden from a listing through the use of terminal escape sequences.EPSS 0.1%CVE-2026-3925MEDIUMIncorrect security UI in LookalikeChecks in Google Chrome on Android prior to 146.0.7680.71 allowed a remote attacker to perform UI spoofingEPSS 0.1%CVE-2025-14023LOWLINE client for iOS prior to 15.19 allows UI spoofing due to inconsistencies between the navigation state and the in-app browser's user inteEPSS 0.1%CVE-2025-14019LOWLINE client for Android versions from 13.8 to 15.5 is vulnerable to UI spoofing in the in-app browser where a specific layout could obscure EPSS 0.1%CVE-2026-11232MEDIUMInappropriate implementation in TabGroups in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via malicEPSS 0.1%CVE-2025-12446MEDIUMIncorrect security UI in SplitView in Google Chrome prior to 142.0.7444.59 allowed a remote attacker who convinced a user to engage in speciEPSS 0.1%CVE-2025-12911MEDIUMInappropriate implementation in Permissions in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to perform UI spoofing via a cEPSS 0.1%CVE-2026-8584MEDIUMInappropriate implementation in Views in Google Chrome on iOS prior to 148.0.7778.168 allowed a remote attacker who had compromised the rendEPSS 0.1%CVE-2026-8565MEDIUMInappropriate implementation in Downloads in Google Chrome on Mac prior to 148.0.7778.168 allowed an attacker who convinced a user to instalEPSS 0.1%CVE-2026-35371LOWuutils coreutils id Misleading Identity Reporting in Pretty Print ModeEPSS 0.1%