VYPR

CWE-451

User Interface (UI) Misrepresentation of Critical Information

ClassDraft

Description

The user interface (UI) does not properly represent critical information to the user, allowing the information - or its source - to be obscured or spoofed. This is often a component in phishing attacks.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-154 · CAPEC-163 · CAPEC-164 · CAPEC-173 · CAPEC-98

CVEs mapped to this weakness (107)

page 5 of 6
  • CVE-2026-5898MedApr 8, 2026
    risk 0.28cvss 4.3epss 0.00

    Incorrect security UI in Omnibox in Google Chrome on iOS prior to 147.0.7727.55 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)

  • CVE-2026-5897MedApr 8, 2026
    risk 0.28cvss 4.3epss 0.00

    Incorrect security UI in Downloads in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)

  • CVE-2026-5891MedApr 8, 2026
    risk 0.28cvss 4.3epss 0.00

    Insufficient policy enforcement in browser UI in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2026-5882MedApr 8, 2026
    risk 0.28cvss 4.3epss 0.00

    Incorrect security UI in Fullscreen in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2026-5880MedApr 8, 2026
    risk 0.28cvss 4.3epss 0.00

    Insufficient policy enforcement in browser UI in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2026-5878MedApr 8, 2026
    risk 0.28cvss 4.3epss 0.00

    Incorrect security UI in Blink in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2026-2919MedMar 9, 2026
    risk 0.28cvss 4.3epss 0.00

    Malicious scripts could display attacker-controlled web content under spoofed domains in Focus for iOS by stalling a _self navigation to an invalid port and triggering an iframe redirect, causing the UI to display a trusted domain without user interaction. This vulnerability was…

  • CVE-2026-2032MedFeb 16, 2026
    risk 0.28cvss 4.3epss 0.00

    Malicious scripts that interrupt new tab page loading could cause desynchronization between the address bar and page content, allowing the attacker to spoof arbitrary HTML under a trusted domain. This vulnerability was fixed in Firefox for iOS 147.2.1.

  • CVE-2025-31266MedNov 21, 2025
    risk 0.28cvss 4.3epss 0.00

    A spoofing issue was addressed with improved truncation when displaying the fully qualified domain name. This issue is fixed in Safari 18.5, macOS Sequoia 15.5. A website may be able to spoof the domain name in the title of a pop-up window.

  • CVE-2025-8364MedAug 19, 2025
    risk 0.28cvss 4.3epss 0.00

    A crafted URL using a blob: URI could have hidden the true origin of the page, resulting in a potential spoofing attack. *Note: This issue only affected Android operating systems. Other operating systems are unaffected.*. This vulnerability was fixed in Firefox 141.

  • CVE-2025-43228MedJul 30, 2025
    risk 0.28cvss 4.3epss 0.01

    The issue was addressed with improved UI. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6. Visiting a malicious website may lead to address bar spoofing.

  • CVE-2025-30467MedMar 31, 2025
    risk 0.28cvss 4.3epss 0.00

    The issue was addressed with improved checks. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, watchOS 11.4. Visiting a malicious website may lead to address bar spoofing.

  • CVE-2025-0729MedJan 27, 2025
    risk 0.28cvss 4.3epss 0.00

    A vulnerability was found in TP-Link TL-SG108E 1.0.0 Build 20201208 Rel. 40304. It has been rated as problematic. This issue affects some unknown processing. The manipulation leads to clickjacking. The attack may be initiated remotely. Upgrading to version 1.0.0 Build 20250124…

  • CVE-2017-0888MedApr 5, 2017
    risk 0.28cvss 4.3epss 0.02

    Nextcloud Server before 9.0.55 and 10.0.2 suffers from a Content-Spoofing vulnerability in the "files" app. The top navigation bar displayed in the files list contained partially user-controllable input leading to a potential misrepresentation of information.

  • CVE-2026-9110MedMay 20, 2026
    risk 0.27cvss 4.2epss 0.00

    Inappropriate implementation in UI in Google Chrome on Windows prior to 148.0.7778.179 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. (Chromium security severity: Critical)

  • CVE-2026-8584MedMay 14, 2026
    risk 0.27cvss 4.2epss 0.00

    Inappropriate implementation in Views in Google Chrome on iOS prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2026-8564MedMay 14, 2026
    risk 0.27cvss 4.2epss 0.00

    Incorrect security UI in Downloads in Google Chrome on Android and Mac prior to 148.0.7778.168 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2026-35371LowApr 22, 2026
    risk 0.21cvss 3.3epss 0.00

    The id utility in uutils coreutils exhibits incorrect behavior in its "pretty print" output when the real UID and effective UID differ. The implementation incorrectly uses the effective GID instead of the effective UID when performing a name lookup for the effective user. This…

  • CVE-2026-48851LowMay 25, 2026
    risk 0.20cvss 3.1epss 0.00

    PuTTY 0.77 before 0.84 uses a copy of the PuTTY icon as a trust indication for TELNET data but the trust status is not cleared between proxy authentication and the main session.

  • CVE-2024-51749LowNov 12, 2024
    risk 0.16cvss 3.5epss 0.00

    Element is a Matrix web client built using the Matrix React SDK. Versions of Element Web and Desktop earlier than 1.11.85 do not check if thumbnails for attachments, stickers and images are coherent. It is possible to add thumbnails to events trigger a file download once…