Spoofing Vulnerability in Microsoft Edge by Microsoft
CVE-2026-33118

4.3MEDIUM

Key Information:

Vendor: Microsoft
Status: Microsoft Edge (chromium-based)
Vendor: CVE Published:; 10 April 2026

What is CVE-2026-33118?

A spoofing vulnerability in Microsoft Edge (Chromium-based) allows attackers to impersonate legitimate content, potentially leading to unauthorized actions by unsuspecting users. This flaw can be exploited through deceptive user interface elements that mislead users into interacting with malicious sites while appearing to be safe and trusted. Ensuring your Edge browser is updated is essential to mitigate risks associated with this vulnerability.

Affected Version(s)

Microsoft Edge (Chromium-based) 1.0.0.0 < 147.0.3912.60

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...

vendor-advisorypatch

CVSS V3.1

Score:

4.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 10, 2026
Vulnerability Reserved
Mar 17, 2026

CVE-2026-33118 Data

JSON