Spoofing Vulnerability in Microsoft Edge for Android
CVE-2026-0391

6.5MEDIUM

Key Information:

Vendor: Microsoft
Status: Microsoft Edge (chromium-based)
Vendor: CVE Published:; 5 February 2026

What is CVE-2026-0391?

A spoofing vulnerability exists in Microsoft Edge for Android due to user interface misrepresentation of critical information. This flaw allows unauthorized attackers to impersonate legitimate entities over a network, posing significant security risks to users. It is crucial for users to be aware of this vulnerability to safeguard against potential attacks.

Affected Version(s)

Microsoft Edge (Chromium-based) 1.0.0.0 < 143.0.3650.66

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...

vendor-advisorypatch

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

Low

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 5, 2026
Vulnerability Reserved
Nov 19, 2025

CVE-2026-0391 Data

JSON