Fallos del tipo CWE-451
231 resultadosCVE-2026-39309MEDIUMTrilium Notes: macOS TCC Bypass via Prompt SpoofingEPSS 0.2%CVE-2026-11254MEDIUMInappropriate implementation in Permissions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a cEPSS 0.2%CVE-2025-3859MEDIUMFirefox Focus elide URL allows address bar spoofingEPSS 0.2%CVE-2024-7021MEDIUMInappropriate implementation in Autofill in Google Chrome on Windows prior to 124.0.6367.60 allowed a remote attacker to perform UI spoofingEPSS 0.2%CVE-2026-11222MEDIUMIncorrect security UI in Tab Strip in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform domain spoofing via a crafteEPSS 0.2%CVE-2025-14744MEDIUMFilename spoofing via Unicode Right-to-Left Override in Firefox for iOSEPSS 0.2%CVE-2026-0904MEDIUMIncorrect security UI in Digital Credentials in Google Chrome prior to 144.0.7559.59 allowed a remote attacker to perform domain spoofing viEPSS 0.2%CVE-2026-44659MEDIUMZen Browser Mac - Address Bar Spoofing via Long SubdomainEPSS 0.2%CVE-2026-8564MEDIUMIncorrect security UI in Downloads in Google Chrome on Android and Mac prior to 148.0.7778.168 allowed a remote attacker to perform UI spoofEPSS 0.2%CVE-2025-13102MEDIUMInappropriate implementation in WebApp Installs in Google Chrome on Android prior to 134.0.6998.35 allowed a remote attacker to perform UI sEPSS 0.2%CVE-2026-5906MEDIUMIncorrect security UI in Omnibox in Google Chrome on Android prior to 147.0.7727.55 allowed a remote attacker to spoof the contents of the OEPSS 0.2%CVE-2026-3935MEDIUMIncorrect security UI in WebAppInstalls in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to perform UI spoofing via a craftEPSS 0.2%CVE-2026-8015MEDIUMInappropriate implementation in Media in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perform UI spoofing via a craftedEPSS 0.2%CVE-2026-8019MEDIUMInsufficient policy enforcement in WebApp in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perform UI spoofing via a craEPSS 0.2%CVE-2026-11215MEDIUMInappropriate implementation in Cronet in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to perform domain spoofiEPSS 0.2%CVE-2026-5895MEDIUMIncorrect security UI in Omnibox in Google Chrome on iOS prior to 147.0.7727.55 allowed a remote attacker to spoof the contents of the OmnibEPSS 0.2%CVE-2026-11225MEDIUMInappropriate implementation in WebUI in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform domain spoofing via a craEPSS 0.2%CVE-2026-11227MEDIUMIncorrect security UI in Tab Hover Cards in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform domain spoofing via a EPSS 0.2%CVE-2025-12729MEDIUMInappropriate implementation in Omnibox in Google Chrome on Android prior to 142.0.7444.137 allowed a remote attacker who convinced a user tEPSS 0.2%CVE-2025-68277HIGHOpenEMR allows links sent via Secure Messaging to be opened in OpenEMR and PortalEPSS 0.2%