CVE-2026-2318 – Google Chrome PictureInPicture UI Spoofing Vulnerability

CVE ID : CVE-2026-2318

Published : Feb. 11, 2026, 7:15 p.m. | 1 hour, 9 minutes ago

Description : Inappropriate implementation in PictureInPicture in Google Chrome prior to 145.0.7632.45 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…