Microsoft Edge Chromium Based
Monthly
Privilege elevation in Microsoft Edge (Chromium-based) lets a network attacker escalate privileges by luring a victim into loading crafted web content that triggers an untrusted pointer dereference (CWE-822). Microsoft rates it CVSS 8.3, driven by a scope change (sandbox/boundary crossing) and full confidentiality, integrity, and availability impact, but exploitation requires user interaction and is of high attack complexity. No public exploit identified at time of analysis (E:U), it is not on CISA KEV, and an official vendor fix is available.
Remote code execution in Microsoft Edge (Chromium-based) lets an unauthenticated network attacker run arbitrary code by luring a victim into interacting with crafted content that triggers unsafe deserialization (CWE-502). The flaw carries CVSS 8.3 with a scope change, meaning successful exploitation can break out of the browser's security boundary, though there is no public exploit identified at time of analysis and Microsoft has already shipped a fix.
Security feature bypass in Microsoft Edge for Android exposes high-confidentiality data to unauthenticated network attackers who can induce user interaction. The vulnerability stems from improper access control (CWE-284) in the Chromium-based mobile browser, allowing an attacker to circumvent a security boundary and access protected information without credentials. No active exploitation is confirmed (CISA KEV absent, temporal metric E:U), and a vendor patch is available via MSRC, making this a patch-priority item rather than an emergency response.
Information disclosure in Microsoft Edge (Chromium-based) prior to version 150.0.4078.48 enables network-based attackers to expose sensitive browser data through a use-after-resource condition (CWE-672). Exploitation requires user interaction and high attack complexity, but the changed scope (S:C) indicates the flaw breaches browser isolation boundaries, yielding high confidentiality impact. No public exploit or active exploitation has been identified at time of analysis; vendor patch is available from Microsoft MSRC.
Spoofing in Microsoft Edge (Chromium-based) prior to version 150.0.4078.48 allows a remote unauthenticated attacker to present deceptive browser UI to a victim user, resulting in high-confidentiality-impact information disclosure. The CVSS vector (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N) confirms exploitation is network-delivered and requires only a single user interaction, consistent with a classic UI-spoofing or URL-spoofing class of flaw. No public exploit code or active exploitation (CISA KEV) has been identified at time of analysis; a vendor-released patch is available.
Insufficient UI warning of dangerous operations in Microsoft Edge (Chromium-based) before version 150.0.4078.48 enables network-based spoofing attacks against users who interact with adversary-controlled content. Per the CVSS vector (PR:N, UI:R), an unauthenticated remote attacker can exploit this flaw without any privileges, but requires the victim to interact with the browser during the attack. No public exploit identified at time of analysis; the Medium CVSS score of 4.3 and confidentiality-only impact (C:L) reflect a bounded but real risk primarily useful for phishing, credential harvesting, or identity spoofing scenarios.
Cross-site scripting in Microsoft Edge (Chromium-based) prior to version 150.0.4078.48 enables network-based spoofing attacks against users who interact with attacker-controlled content. The flaw stems from improper input neutralization during web page generation (CWE-79), allowing injected scripts to execute within the browser's context and manipulate rendered content. No public exploit code or active exploitation has been identified at time of analysis, and Microsoft has released a patch addressing the issue.
Absolute path traversal in Microsoft Edge for Android (Chromium-based) prior to version 150.0.4078.48 enables local, unauthenticated information disclosure by allowing crafted paths to escape the application's intended directory scope. The CVSS vector (AV:L/C:H/I:N/A:N) confirms the impact is limited to confidentiality loss on the local device, with no integrity or availability consequences. No public exploit identified at time of analysis, and the vulnerability is not listed in the CISA KEV catalog.
Cross-site scripting in Microsoft Edge (Chromium-based) before version 150.0.4078.48 lets a remote attacker trick a victim into rendering attacker-controlled script that spoofs UI or content over the network. Because the CVSS scope is changed (S:C) and user interaction is required (UI:R), a lured user visiting or interacting with a malicious page can be deceived into trusting forged content, undermining browser security-context integrity. Reported by Microsoft with a vendor patch available; EPSS is low (0.28%, 20th percentile) and no public exploit identified at time of analysis.
Information disclosure in Microsoft Edge for Android (Chromium-based) allows a network-based attacker to expose a victim's private personal information, but only after luring the user into interacting with attacker-controlled content (UI:R). The flaw carries a CVSS 7.1 rating driven by high confidentiality impact; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. A vendor patch is available via Microsoft's MSRC update guide.
Information disclosure in Microsoft Edge for Android allows a remote unauthenticated attacker to exfiltrate private personal information over the network when a victim interacts with attacker-controlled content. The flaw carries a CVSS 7.1 with high confidentiality impact and stems from private data being exposed to an unauthorized actor (CWE-359); Microsoft has released a fix. No public exploit identified at time of analysis and it is not listed in CISA KEV.
Security-feature bypass in Microsoft Edge (Chromium-based) stems from a type-confusion (CWE-843) flaw that a remote, unauthenticated attacker can trigger over the network to defeat a browser security boundary. Microsoft has published a fix via its Update Guide (CVE-2026-58295), and the issue carries a CVSS 8.3 with a scope change reflecting the crossed trust boundary. There is no public exploit identified at time of analysis and the CVE is not listed in CISA KEV.
Remote code execution in Microsoft Edge (Chromium-based) stems from a use-after-free (CWE-416) memory-corruption flaw that an unauthorized, remote attacker can trigger to run arbitrary code. Exploitation requires the victim to interact with attacker-controlled web content, and the CVSS 3.1 vector marks high attack complexity (AC:H) despite requiring no privileges (PR:N). Microsoft has released a fix; there is no public exploit identified at time of analysis and the CVE is not listed in CISA KEV.
Remote code execution in Microsoft Edge (Chromium-based) before version 150.0.4078.48 lets an unauthorized attacker run arbitrary code when a victim is lured to interact with attacker-controlled content, stemming from external control of a file name or path (CWE-73). The flaw is network-reachable but non-trivial to exploit, requiring user interaction and high attack complexity, and there is no public exploit identified at time of analysis. Microsoft has released a patched build, and EPSS estimates a low 0.53% exploitation probability with SSVC reporting no observed exploitation.
Remote code execution in Microsoft Edge (Chromium-based) lets an unauthenticated attacker run code on a victim's machine when the user is lured into interacting with attacker-controlled web content. The flaw stems from improper input validation (CWE-20) and, per its CVSS scope-change metric, is consistent with a renderer/sandbox boundary escape. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but Microsoft has released a fix.
Remote code execution in Microsoft Edge (Chromium-based) stems from a type confusion flaw (CWE-843) that an unauthorized attacker can trigger over the network to run arbitrary code, provided the victim interacts with attacker-controlled web content. Microsoft self-reported and has shipped a fix; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. The high attack complexity (AC:H) and required user interaction (UI:R) temper an otherwise network-reachable, unauthenticated attack surface.
Remote code execution in Microsoft Edge (Chromium-based) before 150.0.4078.48 allows an unauthenticated attacker to run arbitrary code when a victim is lured to a malicious web page, via a type-confusion flaw (CWE-843) in the browser engine. The CVSS:3.1 score is 8.3 with a scope change (S:C), indicating a likely sandbox/renderer boundary escape, though exploitation carries high attack complexity and requires user interaction. There is no public exploit identified at time of analysis and CISA SSVC records exploitation status as none, with EPSS at 0.53% (41st percentile).
Remote code execution in Microsoft Edge (Chromium-based) stems from a use-after-free (CWE-416) memory-corruption flaw that an unauthenticated, network-based attacker can trigger to run arbitrary code in the browser process. Exploitation requires the victim to interact — typically by visiting a malicious or compromised web page — and the CVSS 3.1 score of 8.3 reflects high attack complexity plus a scope change consistent with a renderer sandbox escape. There is no public exploit identified at time of analysis and no CISA KEV listing, though the underlying Chromium engine origin (tags reference Google) means a shared upstream root cause across Chromium browsers is likely.
Spoofing in Microsoft Edge (Chromium-based) lets a remote, unauthenticated attacker misrepresent trusted UI or content to a victim by abusing improper access control (CWE-284), per Microsoft's own advisory (MSRC CVE-2026-58286). The high CVSS 8.1 is driven by a scope-changed impact (S:C) with high integrity effect, though the AC:H rating signals the attack is not trivially reliable. Currently there is no public exploit identified at time of analysis and no CISA KEV listing, so this is a proactively-patched issue rather than one under active exploitation.
Remote code execution in Microsoft Edge (Chromium-based) via a type-confusion flaw (CWE-843) lets an unauthorized attacker run arbitrary code when a victim is lured to malicious web content. The CVSS 3.1 base score is 8.3 with a scope change, reflecting a likely renderer-to-sandbox impact, but exploitation requires user interaction and has high attack complexity. No public exploit has been identified at time of analysis and it is not listed in CISA KEV; a vendor patch is available via Microsoft's MSRC update guide.
Remote code execution in Microsoft Edge (Chromium-based) allows an unauthorized attacker to break out of the browser's security boundary and run arbitrary code when a victim is lured to malicious web content. Rooted in an improper authorization flaw (CWE-285) with a scope-changing CVSS 8.3 (AV:N/AC:H/PR:N/UI:R/S:C), exploitation requires user interaction and high attack complexity. No public exploit identified at time of analysis, and it is not listed in CISA KEV, so exploitation is currently theoretical rather than observed.
Server-side request forgery in Microsoft Edge (Chromium-based) versions before 150.0.4078.48 enables unauthenticated remote attackers to perform network spoofing by inducing the browser to issue forged requests on behalf of a victim. The attack requires user interaction - a victim must visit or interact with attacker-controlled content - after which the browser can be coerced into making unauthorized requests that manipulate resource integrity or availability. No public exploit code has been identified and this vulnerability is not listed in the CISA KEV catalog at time of analysis; a vendor-released patch is available.
Remote code execution in Microsoft Edge (Chromium-based) stems from a use-after-free memory corruption flaw (CWE-416) that an unauthorized network attacker can trigger to run arbitrary code in the browser process. Exploitation requires the victim to interact with attacker-controlled content (UI:R) and involves high attack complexity (AC:H), so a user must be lured to a malicious or compromised page. No public exploit has been identified at time of analysis, and the issue is not listed in CISA KEV; Microsoft has released a fix.
Information disclosure in Microsoft Edge (Chromium-based) lets a remote attacker read sensitive data by abusing improper symbolic/link resolution (CWE-59) when a victim interacts with attacker-controlled content. Exploitation requires user interaction (UI:R) but no authentication (PR:N), and the scope-changed impact (S:C) indicates data is exposed beyond the browser's own security boundary. Microsoft has released a fix; there is no public exploit identified at time of analysis and the flaw is not listed in CISA KEV.
Remote code execution in Microsoft Edge (Chromium-based) stems from a use-after-free memory-corruption bug (CWE-416) that an unauthorized attacker can trigger over the network to run arbitrary code in the browser's context. Exploitation requires the victim to interact with attacker-controlled web content and the CVSS vector flags high attack complexity, so successful attacks are not trivial. There is no public exploit identified at time of analysis and no CISA KEV listing, but a vendor patch is available from Microsoft.
Remote code execution in Microsoft Edge (Chromium-based) stems from a use-after-free memory corruption flaw (CWE-416) that lets an unauthenticated attacker run arbitrary code when a victim visits a malicious web page. All Edge Chromium versions prior to the vendor-patched build are affected, and the CVSS 3.1 base score is 8.8 (High). There is no public exploit identified at time of analysis, and it is not listed in CISA KEV; exploitation requires user interaction such as browsing to attacker-controlled content.
Spoofing in Microsoft Edge (Chromium-based) arises from a cross-site scripting (CWE-79) flaw that lets a network-based, unauthenticated attacker inject script into a generated web page, producing a convincing spoofed browser context after the victim interacts with malicious content. The CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:R, C:L/I:H) reflects a high-integrity spoofing impact gated only by user interaction. There is no public exploit identified at time of analysis and it is not listed in CISA KEV; Microsoft has released a patch through the MSRC update guide.
Remote code execution in Microsoft Edge (Chromium-based) allows an unauthenticated attacker to run arbitrary code by luring a victim to a malicious web page that triggers an integer overflow (CWE-190). The CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:R) indicates network-based exploitation requiring user interaction, with high confidentiality, integrity, and availability impact. Microsoft has released a fix; no public exploit has been identified at time of analysis, and the flaw is not listed in CISA KEV.
UI misrepresentation in Microsoft Edge (Chromium-based) prior to version 150.0.4078.48 enables network-based spoofing attacks against users who interact with attacker-controlled web content. The browser fails to accurately present critical security information - such as origin indicators, security status, or authentication prompts - allowing an unauthenticated remote attacker to deceive victims into believing they are interacting with a trusted source. No public exploit code or active exploitation (CISA KEV) has been identified at time of analysis, and a vendor patch is available.
Relative path traversal in Microsoft Edge for Android (Chromium-based) before version 150.0.4078.48 permits a local, unprivileged attacker to read sensitive files outside the application's intended directory scope, achieving high confidentiality impact with minor integrity exposure. The flaw (CWE-23) stems from insufficient sanitization of relative path sequences in Edge's Android file-handling logic. No public exploit code or active exploitation has been identified at time of analysis, though a vendor patch is available and should be prioritized given the high confidentiality impact rating.
Remote code execution in Microsoft Edge for Android (Chromium-based) arises from a time-of-check to time-of-use (TOCTOU) race condition that an unauthenticated network attacker can win to run arbitrary code, though success requires the victim to interact (UI:R) and the timing window makes exploitation high-complexity. Microsoft (self-reported) has shipped an official fix, and the temporal signals (E:U, RC:C) indicate no public exploit identified at time of analysis despite confirmed technical validity. The flaw is credited to Microsoft/Google collaboration and tagged as an authentication-bypass-class issue.
Remote code execution in Microsoft Edge (Chromium-based) allows an unauthorized attacker to run arbitrary code when a victim views attacker-controlled web content, stemming from a use-after-free memory-corruption flaw (CWE-416). The scope-changed CVSS vector (S:C) indicates the bug can breach the browser's sandbox boundary. Microsoft has released a fix; there is no public exploit identified at time of analysis (CVSS E:U) and it is not listed in CISA KEV.
Spoofing in Microsoft Edge (Chromium-based) stems from a type-confusion memory-safety defect (CWE-843) that a remote, unauthenticated attacker can leverage over the network to misrepresent content or origin to the victim. Microsoft rates it CVSS 8.1 with a changed scope, driven largely by high integrity impact, though the CVSS vector's high attack complexity (AC:H) signals non-trivial exploitation. There is no public exploit identified at time of analysis (CVSS E:U), and it is not listed in CISA KEV; Microsoft has already shipped an official fix (RL:O).
Spoofing in Microsoft Edge (Chromium-based) lets a remote, unauthenticated attacker bypass an origin/security-context access control (CWE-284) to misrepresent trusted content or UI over a network. The flaw carries CVSS 8.1 with a scope-changed vector and high integrity impact, meaning a successful spoof can influence resources beyond the initially vulnerable component. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but Microsoft has shipped an official fix.
Microsoft Edge (Chromium-based) versions prior to 150.0.4078.48 expose sensitive information to unauthorized network actors, enabling spoofing attacks against users who interact with attacker-controlled content. The vulnerability maps to CWE-200, indicating that browser-internal sensitive data (likely origin, URL, or session context) is improperly disclosed across a network boundary, allowing an attacker to impersonate trusted content or identities. No public exploit code or CISA KEV listing exists at time of analysis; however, the CVSS score of 6.5 with a network attack vector and no privilege requirement underscores meaningful real-world risk for any unpatched Edge deployment.
Server-side request forgery in Microsoft Edge (Chromium-based) lets a remote, unauthenticated attacker coax a victim's browser into issuing forged network requests, enabling spoofing and disclosure of sensitive data over the network. Exploitation requires user interaction (visiting or interacting with attacker-controlled content), and the CVSS scope-change flag indicates the browser can be pivoted to reach resources beyond its own security boundary. No public exploit identified at time of analysis (CVSS E:U), but a vendor fix is already available and the finding is vendor-confirmed (RC:C).
Remote code execution in Microsoft Edge (Chromium-based) lets an unauthenticated attacker run arbitrary code when a victim is lured into loading attacker-controlled web content that triggers a use-after-free memory corruption. The flaw carries a CVSS 3.1 base of 7.5 and requires user interaction, and the CVSS temporal metrics (E:U, RL:O, RC:C) indicate the issue is confirmed and officially patched with no public exploit identified at time of analysis. Because Edge shares Chromium's rendering engine, the underlying defect is likely rooted in an upstream Chromium/Blink component (the intel tags also reference Google).
Code execution via relative path traversal in Microsoft Edge (Chromium-based) allows a remote unauthenticated attacker to run arbitrary code when a user is lured into interacting with attacker-controlled content, consistent with the CVSS PR:N/UI:R vector. Rated CVSS 7.1 with high integrity impact (I:H), low availability impact (A:L), and no confidentiality impact (C:N). No public exploit identified at time of analysis (exploit maturity Unproven, E:U) and the CVE is not in CISA KEV, but an official vendor fix is available (RL:O).
Server-side request forgery in Microsoft Edge (Chromium-based) prior to version 150.0.4078.48 allows unauthenticated network attackers to perform spoofing by inducing a victim user to visit a malicious page, causing the browser to issue forged requests to internal or external resources. The confidentiality impact is rated High (CVSS C:H), indicating that sensitive data accessible via the browser's network context may be exfiltrated through the SSRF channel. No public exploit code has been identified and the vulnerability is not listed in the CISA KEV catalog at time of analysis.
Remote code execution in Microsoft Edge (Chromium-based) before version 150.0.4078.48 allows an unauthenticated remote attacker to run arbitrary code when a victim is lured into loading attacker-controlled web content. The flaw stems from improper input validation (CWE-20) and carries a high-severity CVSS of 8.8, though it requires user interaction and has no public exploit identified at time of analysis. EPSS risk is low (0.42%, 34th percentile) and CISA SSVC currently rates exploitation status as none.
Remote code execution in Microsoft Edge (Chromium-based) stems from a use-after-free (CWE-416) memory-corruption flaw that an unauthenticated attacker can trigger over the network when a victim loads attacker-controlled web content. Microsoft has released an official fix and rates the issue 7.5 (High), tempered by high attack complexity and required user interaction; the CVSS temporal data marks exploit maturity as Unproven (E:U), so there is no public exploit identified at time of analysis and no CISA KEV listing. The vendor tags ('Google', 'Use After Free', 'Denial Of Service') indicate this most likely tracks an upstream Chromium engine defect inherited by Edge.
Security-feature bypass in Microsoft Edge (Chromium-based) versions prior to 150.0.4078.48 lets a remote, unauthenticated attacker circumvent a browser security control over the network via improper authorization (CWE-285). Microsoft rates it CVSS 10.0 with a changed scope, meaning a successful bypass can affect resources beyond the browser's original security boundary. There is no public exploit identified at time of analysis, and CISA's SSVC framework records exploitation as 'none', so this is a high-severity but not currently-exploited issue with a vendor patch already available.
Remote code execution in Microsoft Edge (Chromium-based) stems from a type-confusion flaw (CWE-843) that an unauthenticated attacker can trigger when a victim visits a malicious web page. Microsoft has released an official fix, and while exploit maturity is currently unproven (no public exploit identified at time of analysis), the high confidentiality, integrity, and availability impact combined with network reach makes it a meaningful browser patch. The CVSS 3.1 base score is 7.5 with high attack complexity and required user interaction, tempering real-world exploitability.
Remote code execution in Microsoft Edge (Chromium-based) stems from a heap-based buffer overflow (CWE-122) that a network attacker can trigger when a victim renders crafted web content. The CVSS 3.1 base score is 8.8 with a network vector requiring user interaction (UI:R), and Microsoft has released an official fix (RL:O). No public exploit identified at time of analysis — the temporal metric E:U marks exploit code as unproven — and it is not listed in CISA KEV.
Race condition in Microsoft Edge (Chromium-based) permits a locally authenticated, low-privileged attacker to disclose information beyond the intended security boundary, with the CVSS scope change (S:C) indicating impact can extend outside the directly vulnerable component - potentially across process or sandbox boundaries within the browser. No public exploit code has been identified and this CVE is not listed in the CISA KEV catalog, placing it in a lower operational priority tier despite the scope change. Microsoft has released a patch via the MSRC advisory.
Remote code execution in Microsoft Edge (Chromium-based) stems from a use-after-free (CWE-416) memory-corruption flaw that lets an authorized attacker run arbitrary code over a network within the browser process. Microsoft has shipped an official fix and rates it CVSS 8.3; the exploit-maturity metric is Unproven (E:U), meaning no public exploit identified at time of analysis and it is not listed in CISA KEV. Impact is high to confidentiality and integrity with partial availability loss, making it a meaningful but not emergency patch priority for Edge-based endpoints.
Microsoft Edge (Chromium-based) allows remote attackers to spoof visual elements through a low-complexity network-based attack requiring user interaction, potentially disclosing limited information to unauthenticated users. The vulnerability affects all versions of Microsoft Edge based on Chromium and carries a CVSS score of 4.3 with low confidentiality impact but no code execution or availability risk. A vendor-released patch is available.
Privilege elevation in Microsoft Edge (Chromium-based) lets a network attacker escalate privileges by luring a victim into loading crafted web content that triggers an untrusted pointer dereference (CWE-822). Microsoft rates it CVSS 8.3, driven by a scope change (sandbox/boundary crossing) and full confidentiality, integrity, and availability impact, but exploitation requires user interaction and is of high attack complexity. No public exploit identified at time of analysis (E:U), it is not on CISA KEV, and an official vendor fix is available.
Remote code execution in Microsoft Edge (Chromium-based) lets an unauthenticated network attacker run arbitrary code by luring a victim into interacting with crafted content that triggers unsafe deserialization (CWE-502). The flaw carries CVSS 8.3 with a scope change, meaning successful exploitation can break out of the browser's security boundary, though there is no public exploit identified at time of analysis and Microsoft has already shipped a fix.
Security feature bypass in Microsoft Edge for Android exposes high-confidentiality data to unauthenticated network attackers who can induce user interaction. The vulnerability stems from improper access control (CWE-284) in the Chromium-based mobile browser, allowing an attacker to circumvent a security boundary and access protected information without credentials. No active exploitation is confirmed (CISA KEV absent, temporal metric E:U), and a vendor patch is available via MSRC, making this a patch-priority item rather than an emergency response.
Information disclosure in Microsoft Edge (Chromium-based) prior to version 150.0.4078.48 enables network-based attackers to expose sensitive browser data through a use-after-resource condition (CWE-672). Exploitation requires user interaction and high attack complexity, but the changed scope (S:C) indicates the flaw breaches browser isolation boundaries, yielding high confidentiality impact. No public exploit or active exploitation has been identified at time of analysis; vendor patch is available from Microsoft MSRC.
Spoofing in Microsoft Edge (Chromium-based) prior to version 150.0.4078.48 allows a remote unauthenticated attacker to present deceptive browser UI to a victim user, resulting in high-confidentiality-impact information disclosure. The CVSS vector (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N) confirms exploitation is network-delivered and requires only a single user interaction, consistent with a classic UI-spoofing or URL-spoofing class of flaw. No public exploit code or active exploitation (CISA KEV) has been identified at time of analysis; a vendor-released patch is available.
Insufficient UI warning of dangerous operations in Microsoft Edge (Chromium-based) before version 150.0.4078.48 enables network-based spoofing attacks against users who interact with adversary-controlled content. Per the CVSS vector (PR:N, UI:R), an unauthenticated remote attacker can exploit this flaw without any privileges, but requires the victim to interact with the browser during the attack. No public exploit identified at time of analysis; the Medium CVSS score of 4.3 and confidentiality-only impact (C:L) reflect a bounded but real risk primarily useful for phishing, credential harvesting, or identity spoofing scenarios.
Cross-site scripting in Microsoft Edge (Chromium-based) prior to version 150.0.4078.48 enables network-based spoofing attacks against users who interact with attacker-controlled content. The flaw stems from improper input neutralization during web page generation (CWE-79), allowing injected scripts to execute within the browser's context and manipulate rendered content. No public exploit code or active exploitation has been identified at time of analysis, and Microsoft has released a patch addressing the issue.
Absolute path traversal in Microsoft Edge for Android (Chromium-based) prior to version 150.0.4078.48 enables local, unauthenticated information disclosure by allowing crafted paths to escape the application's intended directory scope. The CVSS vector (AV:L/C:H/I:N/A:N) confirms the impact is limited to confidentiality loss on the local device, with no integrity or availability consequences. No public exploit identified at time of analysis, and the vulnerability is not listed in the CISA KEV catalog.
Cross-site scripting in Microsoft Edge (Chromium-based) before version 150.0.4078.48 lets a remote attacker trick a victim into rendering attacker-controlled script that spoofs UI or content over the network. Because the CVSS scope is changed (S:C) and user interaction is required (UI:R), a lured user visiting or interacting with a malicious page can be deceived into trusting forged content, undermining browser security-context integrity. Reported by Microsoft with a vendor patch available; EPSS is low (0.28%, 20th percentile) and no public exploit identified at time of analysis.
Information disclosure in Microsoft Edge for Android (Chromium-based) allows a network-based attacker to expose a victim's private personal information, but only after luring the user into interacting with attacker-controlled content (UI:R). The flaw carries a CVSS 7.1 rating driven by high confidentiality impact; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. A vendor patch is available via Microsoft's MSRC update guide.
Information disclosure in Microsoft Edge for Android allows a remote unauthenticated attacker to exfiltrate private personal information over the network when a victim interacts with attacker-controlled content. The flaw carries a CVSS 7.1 with high confidentiality impact and stems from private data being exposed to an unauthorized actor (CWE-359); Microsoft has released a fix. No public exploit identified at time of analysis and it is not listed in CISA KEV.
Security-feature bypass in Microsoft Edge (Chromium-based) stems from a type-confusion (CWE-843) flaw that a remote, unauthenticated attacker can trigger over the network to defeat a browser security boundary. Microsoft has published a fix via its Update Guide (CVE-2026-58295), and the issue carries a CVSS 8.3 with a scope change reflecting the crossed trust boundary. There is no public exploit identified at time of analysis and the CVE is not listed in CISA KEV.
Remote code execution in Microsoft Edge (Chromium-based) stems from a use-after-free (CWE-416) memory-corruption flaw that an unauthorized, remote attacker can trigger to run arbitrary code. Exploitation requires the victim to interact with attacker-controlled web content, and the CVSS 3.1 vector marks high attack complexity (AC:H) despite requiring no privileges (PR:N). Microsoft has released a fix; there is no public exploit identified at time of analysis and the CVE is not listed in CISA KEV.
Remote code execution in Microsoft Edge (Chromium-based) before version 150.0.4078.48 lets an unauthorized attacker run arbitrary code when a victim is lured to interact with attacker-controlled content, stemming from external control of a file name or path (CWE-73). The flaw is network-reachable but non-trivial to exploit, requiring user interaction and high attack complexity, and there is no public exploit identified at time of analysis. Microsoft has released a patched build, and EPSS estimates a low 0.53% exploitation probability with SSVC reporting no observed exploitation.
Remote code execution in Microsoft Edge (Chromium-based) lets an unauthenticated attacker run code on a victim's machine when the user is lured into interacting with attacker-controlled web content. The flaw stems from improper input validation (CWE-20) and, per its CVSS scope-change metric, is consistent with a renderer/sandbox boundary escape. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but Microsoft has released a fix.
Remote code execution in Microsoft Edge (Chromium-based) stems from a type confusion flaw (CWE-843) that an unauthorized attacker can trigger over the network to run arbitrary code, provided the victim interacts with attacker-controlled web content. Microsoft self-reported and has shipped a fix; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. The high attack complexity (AC:H) and required user interaction (UI:R) temper an otherwise network-reachable, unauthenticated attack surface.
Remote code execution in Microsoft Edge (Chromium-based) before 150.0.4078.48 allows an unauthenticated attacker to run arbitrary code when a victim is lured to a malicious web page, via a type-confusion flaw (CWE-843) in the browser engine. The CVSS:3.1 score is 8.3 with a scope change (S:C), indicating a likely sandbox/renderer boundary escape, though exploitation carries high attack complexity and requires user interaction. There is no public exploit identified at time of analysis and CISA SSVC records exploitation status as none, with EPSS at 0.53% (41st percentile).
Remote code execution in Microsoft Edge (Chromium-based) stems from a use-after-free (CWE-416) memory-corruption flaw that an unauthenticated, network-based attacker can trigger to run arbitrary code in the browser process. Exploitation requires the victim to interact — typically by visiting a malicious or compromised web page — and the CVSS 3.1 score of 8.3 reflects high attack complexity plus a scope change consistent with a renderer sandbox escape. There is no public exploit identified at time of analysis and no CISA KEV listing, though the underlying Chromium engine origin (tags reference Google) means a shared upstream root cause across Chromium browsers is likely.
Spoofing in Microsoft Edge (Chromium-based) lets a remote, unauthenticated attacker misrepresent trusted UI or content to a victim by abusing improper access control (CWE-284), per Microsoft's own advisory (MSRC CVE-2026-58286). The high CVSS 8.1 is driven by a scope-changed impact (S:C) with high integrity effect, though the AC:H rating signals the attack is not trivially reliable. Currently there is no public exploit identified at time of analysis and no CISA KEV listing, so this is a proactively-patched issue rather than one under active exploitation.
Remote code execution in Microsoft Edge (Chromium-based) via a type-confusion flaw (CWE-843) lets an unauthorized attacker run arbitrary code when a victim is lured to malicious web content. The CVSS 3.1 base score is 8.3 with a scope change, reflecting a likely renderer-to-sandbox impact, but exploitation requires user interaction and has high attack complexity. No public exploit has been identified at time of analysis and it is not listed in CISA KEV; a vendor patch is available via Microsoft's MSRC update guide.
Remote code execution in Microsoft Edge (Chromium-based) allows an unauthorized attacker to break out of the browser's security boundary and run arbitrary code when a victim is lured to malicious web content. Rooted in an improper authorization flaw (CWE-285) with a scope-changing CVSS 8.3 (AV:N/AC:H/PR:N/UI:R/S:C), exploitation requires user interaction and high attack complexity. No public exploit identified at time of analysis, and it is not listed in CISA KEV, so exploitation is currently theoretical rather than observed.
Server-side request forgery in Microsoft Edge (Chromium-based) versions before 150.0.4078.48 enables unauthenticated remote attackers to perform network spoofing by inducing the browser to issue forged requests on behalf of a victim. The attack requires user interaction - a victim must visit or interact with attacker-controlled content - after which the browser can be coerced into making unauthorized requests that manipulate resource integrity or availability. No public exploit code has been identified and this vulnerability is not listed in the CISA KEV catalog at time of analysis; a vendor-released patch is available.
Remote code execution in Microsoft Edge (Chromium-based) stems from a use-after-free memory corruption flaw (CWE-416) that an unauthorized network attacker can trigger to run arbitrary code in the browser process. Exploitation requires the victim to interact with attacker-controlled content (UI:R) and involves high attack complexity (AC:H), so a user must be lured to a malicious or compromised page. No public exploit has been identified at time of analysis, and the issue is not listed in CISA KEV; Microsoft has released a fix.
Information disclosure in Microsoft Edge (Chromium-based) lets a remote attacker read sensitive data by abusing improper symbolic/link resolution (CWE-59) when a victim interacts with attacker-controlled content. Exploitation requires user interaction (UI:R) but no authentication (PR:N), and the scope-changed impact (S:C) indicates data is exposed beyond the browser's own security boundary. Microsoft has released a fix; there is no public exploit identified at time of analysis and the flaw is not listed in CISA KEV.
Remote code execution in Microsoft Edge (Chromium-based) stems from a use-after-free memory-corruption bug (CWE-416) that an unauthorized attacker can trigger over the network to run arbitrary code in the browser's context. Exploitation requires the victim to interact with attacker-controlled web content and the CVSS vector flags high attack complexity, so successful attacks are not trivial. There is no public exploit identified at time of analysis and no CISA KEV listing, but a vendor patch is available from Microsoft.
Remote code execution in Microsoft Edge (Chromium-based) stems from a use-after-free memory corruption flaw (CWE-416) that lets an unauthenticated attacker run arbitrary code when a victim visits a malicious web page. All Edge Chromium versions prior to the vendor-patched build are affected, and the CVSS 3.1 base score is 8.8 (High). There is no public exploit identified at time of analysis, and it is not listed in CISA KEV; exploitation requires user interaction such as browsing to attacker-controlled content.
Spoofing in Microsoft Edge (Chromium-based) arises from a cross-site scripting (CWE-79) flaw that lets a network-based, unauthenticated attacker inject script into a generated web page, producing a convincing spoofed browser context after the victim interacts with malicious content. The CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:R, C:L/I:H) reflects a high-integrity spoofing impact gated only by user interaction. There is no public exploit identified at time of analysis and it is not listed in CISA KEV; Microsoft has released a patch through the MSRC update guide.
Remote code execution in Microsoft Edge (Chromium-based) allows an unauthenticated attacker to run arbitrary code by luring a victim to a malicious web page that triggers an integer overflow (CWE-190). The CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:R) indicates network-based exploitation requiring user interaction, with high confidentiality, integrity, and availability impact. Microsoft has released a fix; no public exploit has been identified at time of analysis, and the flaw is not listed in CISA KEV.
UI misrepresentation in Microsoft Edge (Chromium-based) prior to version 150.0.4078.48 enables network-based spoofing attacks against users who interact with attacker-controlled web content. The browser fails to accurately present critical security information - such as origin indicators, security status, or authentication prompts - allowing an unauthenticated remote attacker to deceive victims into believing they are interacting with a trusted source. No public exploit code or active exploitation (CISA KEV) has been identified at time of analysis, and a vendor patch is available.
Relative path traversal in Microsoft Edge for Android (Chromium-based) before version 150.0.4078.48 permits a local, unprivileged attacker to read sensitive files outside the application's intended directory scope, achieving high confidentiality impact with minor integrity exposure. The flaw (CWE-23) stems from insufficient sanitization of relative path sequences in Edge's Android file-handling logic. No public exploit code or active exploitation has been identified at time of analysis, though a vendor patch is available and should be prioritized given the high confidentiality impact rating.
Remote code execution in Microsoft Edge for Android (Chromium-based) arises from a time-of-check to time-of-use (TOCTOU) race condition that an unauthenticated network attacker can win to run arbitrary code, though success requires the victim to interact (UI:R) and the timing window makes exploitation high-complexity. Microsoft (self-reported) has shipped an official fix, and the temporal signals (E:U, RC:C) indicate no public exploit identified at time of analysis despite confirmed technical validity. The flaw is credited to Microsoft/Google collaboration and tagged as an authentication-bypass-class issue.
Remote code execution in Microsoft Edge (Chromium-based) allows an unauthorized attacker to run arbitrary code when a victim views attacker-controlled web content, stemming from a use-after-free memory-corruption flaw (CWE-416). The scope-changed CVSS vector (S:C) indicates the bug can breach the browser's sandbox boundary. Microsoft has released a fix; there is no public exploit identified at time of analysis (CVSS E:U) and it is not listed in CISA KEV.
Spoofing in Microsoft Edge (Chromium-based) stems from a type-confusion memory-safety defect (CWE-843) that a remote, unauthenticated attacker can leverage over the network to misrepresent content or origin to the victim. Microsoft rates it CVSS 8.1 with a changed scope, driven largely by high integrity impact, though the CVSS vector's high attack complexity (AC:H) signals non-trivial exploitation. There is no public exploit identified at time of analysis (CVSS E:U), and it is not listed in CISA KEV; Microsoft has already shipped an official fix (RL:O).
Spoofing in Microsoft Edge (Chromium-based) lets a remote, unauthenticated attacker bypass an origin/security-context access control (CWE-284) to misrepresent trusted content or UI over a network. The flaw carries CVSS 8.1 with a scope-changed vector and high integrity impact, meaning a successful spoof can influence resources beyond the initially vulnerable component. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but Microsoft has shipped an official fix.
Microsoft Edge (Chromium-based) versions prior to 150.0.4078.48 expose sensitive information to unauthorized network actors, enabling spoofing attacks against users who interact with attacker-controlled content. The vulnerability maps to CWE-200, indicating that browser-internal sensitive data (likely origin, URL, or session context) is improperly disclosed across a network boundary, allowing an attacker to impersonate trusted content or identities. No public exploit code or CISA KEV listing exists at time of analysis; however, the CVSS score of 6.5 with a network attack vector and no privilege requirement underscores meaningful real-world risk for any unpatched Edge deployment.
Server-side request forgery in Microsoft Edge (Chromium-based) lets a remote, unauthenticated attacker coax a victim's browser into issuing forged network requests, enabling spoofing and disclosure of sensitive data over the network. Exploitation requires user interaction (visiting or interacting with attacker-controlled content), and the CVSS scope-change flag indicates the browser can be pivoted to reach resources beyond its own security boundary. No public exploit identified at time of analysis (CVSS E:U), but a vendor fix is already available and the finding is vendor-confirmed (RC:C).
Remote code execution in Microsoft Edge (Chromium-based) lets an unauthenticated attacker run arbitrary code when a victim is lured into loading attacker-controlled web content that triggers a use-after-free memory corruption. The flaw carries a CVSS 3.1 base of 7.5 and requires user interaction, and the CVSS temporal metrics (E:U, RL:O, RC:C) indicate the issue is confirmed and officially patched with no public exploit identified at time of analysis. Because Edge shares Chromium's rendering engine, the underlying defect is likely rooted in an upstream Chromium/Blink component (the intel tags also reference Google).
Code execution via relative path traversal in Microsoft Edge (Chromium-based) allows a remote unauthenticated attacker to run arbitrary code when a user is lured into interacting with attacker-controlled content, consistent with the CVSS PR:N/UI:R vector. Rated CVSS 7.1 with high integrity impact (I:H), low availability impact (A:L), and no confidentiality impact (C:N). No public exploit identified at time of analysis (exploit maturity Unproven, E:U) and the CVE is not in CISA KEV, but an official vendor fix is available (RL:O).
Server-side request forgery in Microsoft Edge (Chromium-based) prior to version 150.0.4078.48 allows unauthenticated network attackers to perform spoofing by inducing a victim user to visit a malicious page, causing the browser to issue forged requests to internal or external resources. The confidentiality impact is rated High (CVSS C:H), indicating that sensitive data accessible via the browser's network context may be exfiltrated through the SSRF channel. No public exploit code has been identified and the vulnerability is not listed in the CISA KEV catalog at time of analysis.
Remote code execution in Microsoft Edge (Chromium-based) before version 150.0.4078.48 allows an unauthenticated remote attacker to run arbitrary code when a victim is lured into loading attacker-controlled web content. The flaw stems from improper input validation (CWE-20) and carries a high-severity CVSS of 8.8, though it requires user interaction and has no public exploit identified at time of analysis. EPSS risk is low (0.42%, 34th percentile) and CISA SSVC currently rates exploitation status as none.
Remote code execution in Microsoft Edge (Chromium-based) stems from a use-after-free (CWE-416) memory-corruption flaw that an unauthenticated attacker can trigger over the network when a victim loads attacker-controlled web content. Microsoft has released an official fix and rates the issue 7.5 (High), tempered by high attack complexity and required user interaction; the CVSS temporal data marks exploit maturity as Unproven (E:U), so there is no public exploit identified at time of analysis and no CISA KEV listing. The vendor tags ('Google', 'Use After Free', 'Denial Of Service') indicate this most likely tracks an upstream Chromium engine defect inherited by Edge.
Security-feature bypass in Microsoft Edge (Chromium-based) versions prior to 150.0.4078.48 lets a remote, unauthenticated attacker circumvent a browser security control over the network via improper authorization (CWE-285). Microsoft rates it CVSS 10.0 with a changed scope, meaning a successful bypass can affect resources beyond the browser's original security boundary. There is no public exploit identified at time of analysis, and CISA's SSVC framework records exploitation as 'none', so this is a high-severity but not currently-exploited issue with a vendor patch already available.
Remote code execution in Microsoft Edge (Chromium-based) stems from a type-confusion flaw (CWE-843) that an unauthenticated attacker can trigger when a victim visits a malicious web page. Microsoft has released an official fix, and while exploit maturity is currently unproven (no public exploit identified at time of analysis), the high confidentiality, integrity, and availability impact combined with network reach makes it a meaningful browser patch. The CVSS 3.1 base score is 7.5 with high attack complexity and required user interaction, tempering real-world exploitability.
Remote code execution in Microsoft Edge (Chromium-based) stems from a heap-based buffer overflow (CWE-122) that a network attacker can trigger when a victim renders crafted web content. The CVSS 3.1 base score is 8.8 with a network vector requiring user interaction (UI:R), and Microsoft has released an official fix (RL:O). No public exploit identified at time of analysis — the temporal metric E:U marks exploit code as unproven — and it is not listed in CISA KEV.
Race condition in Microsoft Edge (Chromium-based) permits a locally authenticated, low-privileged attacker to disclose information beyond the intended security boundary, with the CVSS scope change (S:C) indicating impact can extend outside the directly vulnerable component - potentially across process or sandbox boundaries within the browser. No public exploit code has been identified and this CVE is not listed in the CISA KEV catalog, placing it in a lower operational priority tier despite the scope change. Microsoft has released a patch via the MSRC advisory.
Remote code execution in Microsoft Edge (Chromium-based) stems from a use-after-free (CWE-416) memory-corruption flaw that lets an authorized attacker run arbitrary code over a network within the browser process. Microsoft has shipped an official fix and rates it CVSS 8.3; the exploit-maturity metric is Unproven (E:U), meaning no public exploit identified at time of analysis and it is not listed in CISA KEV. Impact is high to confidentiality and integrity with partial availability loss, making it a meaningful but not emergency patch priority for Edge-based endpoints.
Microsoft Edge (Chromium-based) allows remote attackers to spoof visual elements through a low-complexity network-based attack requiring user interaction, potentially disclosing limited information to unauthenticated users. The vulnerability affects all versions of Microsoft Edge based on Chromium and carries a CVSS score of 4.3 with low confidentiality impact but no code execution or availability risk. A vendor-released patch is available.