CVE-2026-2032 — Malicious scripts that interrupt new tab page loading could cause desynchronization between the address bar and page content, allowing the attacker to spoof arbitrary HTML under a trusted domain. This — CVE Database · The Intelligence Room