This page lists publicly disclosed CVE vulnerabilities affecting microsoft edge_chromium (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2026-32208 | Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Edge (Chromium-based) allows an authorized attacker to perform spoofing over a network. | [email protected] | 8.8 | 0.28% | 2026-06-19 | 2026-06-22 |
| CVE-2026-45495 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | [email protected] | 8.8 | 0.99% | 2026-05-18 | 2026-06-17 |
| CVE-2026-45494 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | [email protected] | 5.4 | 0.30% | 2026-05-18 | 2026-06-17 |
| CVE-2026-45492 | Improper input validation in Microsoft Edge (Chromium-based) allows an unauthorized attacker to bypass a security feature over a network. | [email protected] | 5.4 | 0.30% | 2026-05-18 | 2026-06-17 |
| CVE-2026-42891 | User interface (ui) misrepresentation of critical information in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network. | [email protected] | 6.5 | 0.29% | 2026-05-12 | 2026-06-17 |
| CVE-2026-42838 | Improper neutralization of special elements in output used by a downstream component ('injection') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to elevate privileges over a network. | [email protected] | 5.4 | 0.24% | 2026-05-12 | 2026-06-17 |
| CVE-2026-41107 | External control of file name or path in Microsoft Edge (Chromium-based) allows an unauthorized attacker to disclose information over a network. | [email protected] | 7.4 | 0.65% | 2026-05-12 | 2026-06-17 |
| CVE-2026-40416 | User interface (ui) misrepresentation of critical information in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network. | [email protected] | 4.3 | 0.35% | 2026-05-12 | 2026-06-17 |
| CVE-2026-33118 | User interface (ui) misrepresentation of critical information in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network. | [email protected] | 4.3 | 0.56% | 2026-04-10 | 2026-06-19 |
| CVE-2026-0385 | Microsoft Edge (Chromium-based) for Android Spoofing Vulnerability | [email protected] | 5.0 | 0.24% | 2026-03-16 | 2026-06-17 |
| CVE-2026-0102 | Under specific conditions, a malicious webpage may trigger autofill population after two consecutive taps, potentially without clear or intentional user consent. This could result in disclosure of stored autofill data such as addresses, email, or phone number metadata. | [email protected] | 3.1 | 0.46% | 2026-02-17 | 2026-06-17 |
| CVE-2026-0391 | User interface (ui) misrepresentation of critical information in Microsoft Edge for Android allows an unauthorized attacker to perform spoofing over a network. | [email protected] | 6.5 | 0.60% | 2026-02-05 | 2026-06-17 |
| CVE-2026-21223 | Improper privilege management in Microsoft Edge (Chromium-based) allows an authorized attacker to bypass a security feature locally. | [email protected] | 7.1 | 0.25% | 2026-01-16 | 2026-06-17 |
| CVE-2025-65046 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | [email protected] | 3.1 | 0.23% | 2025-12-18 | 2026-06-17 |
| CVE-2025-14174 KEV | Out of bounds memory access in ANGLE in Google Chrome on Mac prior to 143.0.7499.110 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High) | [email protected] | 8.8 | 22.36% | 2025-12-12 | 2026-06-17 |
| CVE-2025-62223 | User interface (ui) misrepresentation of critical information in Microsoft Edge for iOS allows an unauthorized attacker to perform spoofing over a network. | [email protected] | 4.3 | 0.39% | 2025-12-04 | 2026-06-17 |
| CVE-2025-60711 | Protection mechanism failure in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. | [email protected] | 6.3 | 0.32% | 2025-10-31 | 2026-06-17 |
| CVE-2025-59251 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | [email protected] | 7.6 | 0.45% | 2025-09-24 | 2026-06-17 |
| CVE-2025-53791 | Improper access control in Microsoft Edge (Chromium-based) allows an unauthorized attacker to bypass a security feature over a network. | [email protected] | 4.7 | 0.37% | 2025-09-05 | 2026-06-17 |
| CVE-2025-47964 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | [email protected] | 5.4 | 0.40% | 2025-07-11 | 2026-06-17 |