本ページは microsoft edge_chromium に影響する公開済み CVE(NVD の CPE 経由で関連付け)を列挙します。各行に深刻度指標・概要・公開日が含まれます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2026-58596 | Untrusted pointer dereference in Microsoft Edge (Chromium-based) allows an unauthorized attacker to elevate privileges over a network. | [email protected] | 8.3 | — | 2026-07-12 | 2026-07-12 |
| CVE-2026-58281 | Deserialization of untrusted data in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. | [email protected] | 8.3 | 0.70% | 2026-07-11 | 2026-07-11 |
| CVE-2026-58525 | Improper access control in Microsoft Edge (Chromium-based) allows an unauthorized attacker to bypass a security feature over a network. | [email protected] | 8.2 | 0.37% | 2026-07-08 | 2026-07-09 |
| CVE-2026-58523 | Improper access control in Microsoft Edge for Android allows an unauthorized attacker to bypass a security feature over a network. | [email protected] | 6.5 | 0.50% | 2026-07-03 | 2026-07-07 |
| CVE-2026-58597 | Insufficient ui warning of dangerous operations in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network. | [email protected] | 4.3 | 0.41% | 2026-07-03 | 2026-07-06 |
| CVE-2026-58524 | Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network. | [email protected] | 5.4 | 0.24% | 2026-07-03 | 2026-07-06 |
| CVE-2026-58522 | Relative path traversal in Microsoft Edge for Android allows an unauthorized attacker to disclose information locally. | [email protected] | 6.8 | 0.29% | 2026-07-03 | 2026-07-07 |
| CVE-2026-58300 | Absolute path traversal in Microsoft Edge for Android allows an unauthorized attacker to disclose information locally. | [email protected] | 6.2 | 0.34% | 2026-07-03 | 2026-07-07 |
| CVE-2026-58299 | Time-of-check time-of-use (toctou) race condition in Microsoft Edge for Android allows an unauthorized attacker to execute code over a network. | [email protected] | 7.5 | 0.28% | 2026-07-03 | 2026-07-07 |
| CVE-2026-58298 | Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network. | [email protected] | 7.2 | 0.24% | 2026-07-03 | 2026-07-07 |
| CVE-2026-58297 | Exposure of private personal information to an unauthorized actor in Microsoft Edge for Android allows an unauthorized attacker to disclose information over a network. | [email protected] | 7.1 | 0.32% | 2026-07-03 | 2026-07-07 |
| CVE-2026-58296 | Exposure of private personal information to an unauthorized actor in Microsoft Edge for Android allows an unauthorized attacker to disclose information over a network. | [email protected] | 7.1 | 0.31% | 2026-07-03 | 2026-07-07 |
| CVE-2026-58295 | Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to bypass a security feature over a network. | [email protected] | 8.3 | 0.38% | 2026-07-03 | 2026-07-07 |
| CVE-2026-58294 | Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. | [email protected] | 7.5 | 0.35% | 2026-07-03 | 2026-07-07 |
| CVE-2026-58293 | External control of file name or path in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. | [email protected] | 8.1 | 0.44% | 2026-07-03 | 2026-07-07 |
| CVE-2026-58292 | Improper input validation in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. | [email protected] | 7.5 | 0.29% | 2026-07-03 | 2026-07-07 |
| CVE-2026-58291 | Operation on a resource after expiration or release in Microsoft Edge (Chromium-based) allows an unauthorized attacker to disclose information over a network. | [email protected] | 6.1 | 0.60% | 2026-07-03 | 2026-07-06 |
| CVE-2026-58290 | Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. | [email protected] | 7.5 | 0.25% | 2026-07-03 | 2026-07-07 |
| CVE-2026-58289 | Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. | [email protected] | 9.0 | 0.44% | 2026-07-03 | 2026-07-07 |
| CVE-2026-58288 | Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. | [email protected] | 8.3 | 0.45% | 2026-07-03 | 2026-07-07 |