Weaknesses of type CWE-451
231 resultsCVE-2026-1658MEDIUMContent spoofing vulnerability discovered in OpenText™ Directory ServicesEPSS 0.2%CVE-2026-0385MEDIUMMicrosoft Edge (Chromium-based) for Android Spoofing VulnerabilityEPSS 0.2%CVE-2025-10290MEDIUMOpening links via the contextual menu in Focus for iOS would not update the toolbar UI correctly, allowing attackers to spoof websitesEPSS 0.2%CVE-2025-4086MEDIUMSpecially crafted filename could be used to obscure download typeEPSS 0.2%CVE-2026-11172HIGHIncorrect security UI in Contact Picker in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing EPSS 0.2%CVE-2026-11175HIGHIncorrect security UI in Messages in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a EPSS 0.2%CVE-2026-10984MEDIUMInappropriate implementation in Accessibility in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to perform UI spoEPSS 0.2%CVE-2026-53829HIGHOpenClaw < 2026.5.18 - Command Truncation in Exec Approval DisplayEPSS 0.2%CVE-2025-46311HIGHAn inconsistent user interface issue was addressed with improved state management. This issue is fixed in iOS 18.7.3 and iPadOS 18.7.3, iOS EPSS 0.2%CVE-2025-9183MEDIUMSpoofing issue in the Address Bar componentEPSS 0.2%CVE-2026-2322MEDIUMInappropriate implementation in File input in Google Chrome prior to 145.0.7632.45 allowed a remote attacker who convinced a user to engage EPSS 0.2%CVE-2025-65046LOWMicrosoft Edge (Chromium-based) Spoofing VulnerabilityEPSS 0.2%CVE-2026-11107MEDIUMInappropriate implementation in Downloads in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a craEPSS 0.2%CVE-2026-2316MEDIUMInsufficient policy enforcement in Frames in Google Chrome prior to 145.0.7632.45 allowed a remote attacker to perform UI spoofing via a craEPSS 0.2%CVE-2026-2318MEDIUMInappropriate implementation in PictureInPicture in Google Chrome prior to 145.0.7632.45 allowed a remote attacker who convinced a user to eEPSS 0.2%CVE-2023-7281MEDIUMInappropriate implementation in Compositing in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to perform UI spoofing via a EPSS 0.2%CVE-2026-48851LOWPuTTY 0.77 before 0.84 uses a copy of the PuTTY icon as a trust indication for TELNET data but the trust status is not cleared between proxyEPSS 0.2%CVE-2026-2323MEDIUMInappropriate implementation in Downloads in Google Chrome prior to 145.0.7632.45 allowed a remote attacker to perform UI spoofing via a craEPSS 0.2%CVE-2025-12435MEDIUMIncorrect security UI in Omnibox in Google Chrome on Android prior to 142.0.7444.59 allowed a remote attacker to perform UI spoofing via a cEPSS 0.2%CVE-2023-7282MEDIUMInappropriate implementation in Navigation in Google Chrome prior to 113.0.5672.63 allowed a remote attacker who convinced a user to engage EPSS 0.2%