Google Chrome Security Bypass Vulnerability (CNVD-2026-11754)

Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a security bypass vulnerability that originates from a security user interface error in split-screen view, which can be exploited by an attacker to bypass security restrictions...

Dust: Unauthorized Table Creation by Member

A member user was able to create tables inside restricted company data spaces, despite the UI indicating that only workspace builders admins should be allowed. The "Add Data" button appeared disabled in the UI, but it was still interactable and functional, allowing the member to successfully crea...

CVE-2025-26643

The UI performs the wrong action in Microsoft Edge Chromium-based allows an unauthorized attacker to perform spoofing over a network...

The vulnerability of the Google Chrome browser’s Navigation function, which allows attackers to perform spoofing attacks

The vulnerability of the Google Chrome browser’s Navigation function is related to information representation errors in the user interface. Exploiting this vulnerability allows a malicious actor to carry out spoofing attacks using a specially created HTML page...

The vulnerability of the MSHTML platform in Microsoft Windows operating systems allows a hacker to execute a spoofing attack.

The vulnerability of the MSHTML platform in Microsoft Windows systems is related to errors in information representation by the user interface. Exploiting this vulnerability can allow a remote attacker to perform a spoofing attack...

The vulnerability of Microsoft Edge browser on Android, related to information representation errors in the user interface, allows a hacker to perform a spear-phishing attack.

The vulnerability of Microsoft Edge browser on Android is related to information representation errors in the user interface. Exploiting this vulnerability can allow a remote attacker to perform a spear-phishing attack...

The vulnerability of the Microsoft Dynamics 365 resource planning software, related to errors in the user interface’s information presentation, allows a perpetrator to carry out spear-phishing attacks.

The vulnerability of the Microsoft Dynamics 365 resource planning software is related to errors in information presentation at the user interface level. Exploiting this vulnerability allows an attacker to carry out spear-phishing attacks remotely...

The vulnerability of Microsoft Edge browser on Android, related to information representation errors in the user interface, allows a hacker to perform a spear-phishing attack.

The vulnerability of Microsoft Edge browser on Android is related to information representation errors in the user interface. Exploiting this vulnerability can allow a remote attacker to perform a spear-phishing attack...

The vulnerability of Themes component in the Windows operating system, which allows a hacker to disclose protected information

The vulnerability of Themes component in the Windows operating system is related to information representation errors in the user interface. Exploiting this vulnerability can allow an attacker to disclose sensitive information that is protected by the system...

The vulnerability of Windows operating system DNS servers, which allows attackers to perform spoofing attacks

The vulnerability of DNS servers in Windows operating systems is related to errors in information representation by the user interface. Exploiting this vulnerability can allow a malicious actor to perform spoofing attacks remotely...

The vulnerability of the Jupyter extension in Microsoft Visual Studio’s software development environment allows attackers to perform spear-phishing attacks.

The vulnerability of the Jupyter extension in Microsoft Visual Studio relates to errors in information presentation on the user interface. Exploiting this vulnerability can allow attackers to perform spear-phishing attacks...

The vulnerability of the HTTPS-only Mode setting in the Firefox browser allows attackers to carry out clickjacking attacks.

The vulnerability of the HTTPS-only Mode setting in the Firefox browser is related to information representation errors in the user interface. Exploiting this vulnerability can allow a remote attacker to carry out a clickjacking attack...

The vulnerability in the full-screen mode of the Firefox browser allows attackers to perform spoofing attacks.

The vulnerability of the full-screen mode of the Firefox browser is related to information representation errors in the user interface. Exploiting this vulnerability can allow a remote attacker to perform spoofing attacks...

The vulnerability of the Microsoft OneNote note-taking software, related to errors in information presentation on the user interface, allows attackers to perform spear-phishing attacks.

The vulnerability of the Microsoft OneNote note-taking software relates to information representation errors in the user interface. Exploiting this vulnerability can allow attackers to perform spear-phishing attacks remotely...

PT-2023-4299 · Microsoft · Outlook

Name of the Vulnerable Software and Affected Versions: Microsoft Outlook affected versions not specified Description: The issue is related to errors in the representation of information by the user interface of the Microsoft Outlook email client. Exploitation of this issue may allow a remote...

PT-2023-3921 · Microsoft · Edge

Name of the Vulnerable Software and Affected Versions: Microsoft Edge Chromium-based affected versions not specified Description: The issue is related to errors in presenting information to the user interface, which can allow a remote attacker to perform a spoofing attack. Recommendations: At the...

PT-2023-3843 · Microsoft · Edge

Name of the Vulnerable Software and Affected Versions: Microsoft Edge for Android Chromium-based affected versions not specified Description: The issue is related to errors in the representation of information by the user interface. Exploitation of this issue may allow a remote attacker to perfor...

The vulnerability in the `window.open` method of Mozilla Firefox, Focus for Android, Mozilla Firefox ESR, and the email client Thunderbird allows a hacker to conceal full-screen notifications and perform spoofing attacks.

The vulnerability of the window.open method in Mozilla Firefox, Focus for Android, Mozilla Firefox ESR, and the email client Thunderbird is related to information representation errors in the user interface. Exploiting this vulnerability can allow an attacker to conceal full-screen notifications...

NetScaler firmware upgrade to 13.1-42.47 or later versions failing from GUI

NetScalers havingany builds of 12.1 or 13.0 version or earlier than 13.1-42.47 cannot perform an upgrade to the version 13.1-42.47 or later through GUI. Trying to perform an upgrade through GUI reports an error "file too large" or UI might hang...

The vulnerability of the Microsoft Office application suite for Android, related to information representation errors in the user interface, allows attackers to perform spear-phishing attacks.

The vulnerability of the Microsoft Office application suite for Android is related to information representation errors in the user interface. Exploiting this vulnerability can allow attackers to carry out spear-phishing attacks...