Spoofing Vulnerability in Microsoft Edge by Microsoft
CVE-2026-42891

6.5MEDIUM

Key Information:

Vendor: Microsoft
Status: Microsoft Edge For Android
Vendor: CVE Published:; 12 May 2026

What is CVE-2026-42891?

A security flaw in Microsoft Edge (Chromium-based) affects the integrity of critical information displayed in the user interface. This vulnerability can be exploited by unauthorized attackers to perform network spoofing, potentially misleading users and compromising sensitive data. Users of Microsoft Edge on Android are particularly at risk. It is essential to apply the latest security updates to mitigate this risk and ensure a safe browsing experience. For further information and updates, refer to the Microsoft advisory.

Affected Version(s)

Microsoft Edge for Android 1.0.0 < 148.0.3967.55

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...

vendor-advisorypatch

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

Low

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 12, 2026
Vulnerability Reserved
Apr 30, 2026

CVE-2026-42891 Data

JSON