CWE-451
User Interface (UI) Misrepresentation of Critical Information
Description
The user interface (UI) does not properly represent critical information to the user, allowing the information - or its source - to be obscured or spoofed. This is often a component in phishing attacks.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-154 · CAPEC-163 · CAPEC-164 · CAPEC-173 · CAPEC-98
CVEs mapped to this weakness (107)
page 2 of 6

| CVE | Sev | Risk | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|---|
| CVE-2026-11227 | Med | 0.42 | 6.5 | 0.00 | Jun 4, 2026 | Incorrect security UI in Tab Hover Cards in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform domain spoofing via a crafted domain name. (Chromium security severity: Low) |
| CVE-2026-11225 | Med | 0.42 | 6.5 | 0.00 | Jun 4, 2026 | Inappropriate implementation in WebUI in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform domain spoofing via a crafted domain name. (Chromium security severity: Low) |
| CVE-2026-11222 | Med | 0.42 | 6.5 | 0.00 | Jun 4, 2026 | Incorrect security UI in Tab Strip in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform domain spoofing via a crafted HTML page. (Chromium security severity: Low) |
| CVE-2026-11215 | Med | 0.42 | 6.5 | 0.00 | Jun 4, 2026 | Inappropriate implementation in Cronet in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to perform domain spoofing via a crafted domain name. (Chromium security severity: Medium) |
| CVE-2026-11019 | Med | 0.42 | 6.5 | 0.00 | Jun 4, 2026 | Inappropriate implementation in Payments in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to perform domain spoofing via a crafted HTML page. (Chromium security severity: Medium) |
| CVE-2026-11001 | Med | 0.42 | 6.5 | 0.00 | Jun 4, 2026 | Inappropriate implementation in Payments in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) |
| CVE-2026-42891 | Med | 0.42 | 6.5 | 0.00 | May 12, 2026 | User interface (UI) misrepresentation of critical information in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network. |
| CVE-2026-3861 | Med | 0.42 | 6.5 | 0.00 | Apr 16, 2026 | LINE client for iOS versions prior to 26.3.0 contains a vulnerability in the in-app browser where opening a crafted web page can repeatedly trigger OS-level dialogs due to insufficient safeguards when handling arbitrary URL schemes, potentially causing the iOS device to become… |
| CVE-2026-5905 | Med | 0.42 | 6.5 | 0.00 | Apr 8, 2026 | Incorrect security UI in Permissions in Google Chrome on Windows prior to 147.0.7727.55 allowed a remote attacker to perform domain spoofing via a crafted HTML page. (Chromium security severity: Low) |
| CVE-2026-3889 | Med | 0.42 | 6.5 | 0.00 | Mar 24, 2026 | Spoofing issue in Thunderbird. This vulnerability was fixed in Thunderbird 149 and Thunderbird 140.9. |
| CVE-2026-21527 | Med | 0.42 | 6.5 | 0.09 | Feb 10, 2026 | User interface (UI) misrepresentation of critical information in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network. |
| CVE-2025-14744 | Med | 0.42 | 6.5 | 0.00 | Dec 18, 2025 | Unicode RTLO characters could allow malicious websites to spoof filenames in the downloads UI for Firefox for iOS, potentially tricking users into saving files of an unexpected file type. This vulnerability was fixed in Firefox for iOS 144.0. |
| CVE-2025-46287 | Med | 0.42 | 6.5 | 0.00 | Dec 12, 2025 | An inconsistent user interface issue was addressed with improved state management. This issue is fixed in iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Sequoia 15.7.3, macOS Sonoma 14.8.3, macOS Tahoe 26.2, visionOS 26.2, watchOS 26.2. An attacker may be able to… |
| CVE-2025-11718 | Med | 0.42 | 6.5 | 0.00 | Oct 14, 2025 | When the address bar was hidden due to scrolling on Android, a malicious page could create a fake address bar to fool the user in response to a visibilitychange event. This vulnerability was fixed in Firefox 144. |
| CVE-2025-10290 | Med | 0.42 | 6.5 | 0.00 | Sep 16, 2025 | Opening links via the contextual menu in Focus iOS for certain URL schemes would fail to load but would not refresh the toolbar correctly, allowing attackers to spoof websites if users were coerced into opening a link explicitly through a long-press. This vulnerability was fixed… |
| CVE-2025-43327 | Med | 0.42 | 6.5 | 0.00 | Sep 15, 2025 | The issue was addressed by adding additional logic. This issue is fixed in Safari 26, macOS Tahoe 26. Visiting a malicious website may lead to address bar spoofing. |
| CVE-2025-9186 | Med | 0.42 | 6.5 | 0.00 | Aug 19, 2025 | Spoofing issue in the Address Bar component of Firefox Focus for Android. This vulnerability was fixed in Firefox 142. |
| CVE-2025-9183 | Med | 0.42 | 6.5 | 0.00 | Aug 19, 2025 | Spoofing issue in the Address Bar component. This vulnerability was fixed in Firefox 142 and Firefox ESR 140.2. |
| CVE-2025-5986 | Med | 0.42 | 6.5 | 0.00 | Jun 11, 2025 | A crafted HTML email using mailbox:/// links can trigger automatic, unsolicited downloads of .pdf files to the user's desktop or home directory without prompting, even if auto-saving is disabled. This behavior can be abused to fill the disk with garbage data (e.g. using… |
| CVE-2025-4086 | Med | 0.42 | 6.5 | 0.00 | Apr 29, 2025 | A specially crafted filename containing a large number of encoded newline characters could obscure the file's extension when displayed in the download dialog. *This bug only affects Thunderbird for Android. Other versions of Thunderbird are unaffected.* This vulnerability was… |
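Two of the filename entries above (CVE-2025-14744, Unicode RTLO in a downloads UI, and CVE-2025-4086, encoded newlines hiding an extension in a download dialog) describe the same root cause: the dialog renders the attacker-controlled name as-is, so what the user sees and what the OS will open diverge. The following is an added example, not code from this page or from Mozilla, Google, Apple or any other vendor listed: a download-dialog filename sanitiser that strips bidi overrides and control characters, reports the extension the OS will actually use, and truncates long names from the middle so the extension can never be pushed out of view. The sample filenames are constructed for illustration and are not the proof-of-concept names from those reports.

```javascript
// Added example, not code from the CWE page or from any vendor listed above.
// A download-dialog filename sanitiser that neutralises the two tricks the
// list names: Unicode bidi overrides (RTLO) that visually reverse the tail of
// a name, and encoded newline/control characters that push the real
// extension out of the visible area of the dialog.

// Bidi marks, embeddings, overrides and isolates that can reorder rendered text.
const BIDI_CONTROLS = /[\u200E\u200F\u202A-\u202E\u2066-\u2069]/g;
// C0 controls (newline, tab, ...), DEL and C1 controls.
const CONTROL_CHARS = /[\u0000-\u001F\u007F-\u009F]/g;
// Whitespace and zero-width characters used to pad a name past the viewport.
const PADDING = /[\s\u200B-\u200D\u2060]+/g;

// Filenames from a URL path or Content-Disposition may be percent-encoded;
// decode first so "%0A" is inspected as the newline the dialog would render.
function percentDecode(name) {
  try {
    return decodeURIComponent(name);
  } catch {
    return name; // malformed escape: inspect the raw string instead
  }
}

// Returns what the dialog should show, the extension the OS will actually
// key the file type on, and whether the raw name carried misleading characters.
function sanitizeDownloadName(rawName) {
  const decoded = percentDecode(rawName);
  const findings = [];
  // String.prototype.search ignores lastIndex, so /g regexes are safe here.
  if (decoded.search(BIDI_CONTROLS) !== -1) findings.push("bidi-control");
  if (decoded.search(CONTROL_CHARS) !== -1) findings.push("control-char");

  const displayName = decoded
    .replace(BIDI_CONTROLS, "")
    .replace(CONTROL_CHARS, "")
    .replace(PADDING, " ")
    .trim();

  // The extension is whatever follows the LAST dot of the cleaned name,
  // regardless of how the raw name was rendered.
  const dot = displayName.lastIndexOf(".");
  const extension =
    dot > 0 && dot < displayName.length - 1
      ? displayName.slice(dot + 1).toLowerCase()
      : "";

  return { displayName, extension, spoofed: findings.length > 0, findings };
}

// Truncate from the middle so a long name can never hide its extension.
function elideKeepingExtension(name, maxLen = 32) {
  if (name.length <= maxLen) return name;
  const dot = name.lastIndexOf(".");
  const tail = dot > 0 ? name.slice(dot) : "";
  const headLen = Math.max(1, maxLen - tail.length - 1); // 1 char for the ellipsis
  return name.slice(0, headLen) + "\u2026" + tail;
}

// Constructed sample inputs modelled on the CVE descriptions above.
const SAMPLES = [
  "invoice\u202Efdp.exe",             // RTLO: many renderers show "invoiceexe.pdf"
  "report.pdf%0A%0A%0A%0A%0A%0A.exe",  // newlines push ".exe" below the fold
  "quarterly-report.pdf",             // benign control case
];

if (typeof require !== "undefined" && require.main === module) {
  for (const raw of SAMPLES) {
    const r = sanitizeDownloadName(raw);
    console.log(
      JSON.stringify(raw), "->", elideKeepingExtension(r.displayName),
      "ext:", r.extension, r.spoofed ? "SPOOFED " + r.findings.join(",") : "ok"
    );
  }
}
```

The sanitiser deliberately percent-decodes before inspecting, because the raw `%0A` sequence looks harmless while the decoded newline is what the dialog lays out; a check that runs only on the encoded form misses the CVE-2025-4086 pattern. Showing the extension taken from the cleaned name (or rendering the name with the bidi direction forced, e.g. wrapping it in an isolate the UI controls) is what closes the gap between the displayed and the effective file type.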