Remote Code Execution Vulnerability in Microsoft Edge by Microsoft
CVE-2026-45495

8.8HIGH

Key Information:

Vendor: Microsoft
Status: Microsoft Edge (chromium-based)
Vendor: CVE Published:; 18 May 2026

What is CVE-2026-45495?

A remote code execution vulnerability exists in Microsoft Edge (Chromium-based) that could allow an attacker to execute arbitrary code on the target system. This vulnerability arises from improper handling of certain inputs, leading to a scenario where an attacker could exploit the flaw to gain control of the affected system. Users are advised to update their browsers to the latest version to mitigate this risk. For further guidance, users can consult the official Microsoft advisory and implement the necessary security patches.

Affected Version(s)

Microsoft Edge (Chromium-based) 1.0.0.0 < 148.0.3967.70

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...

vendor-advisorypatch

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 18, 2026
Vulnerability Reserved
May 12, 2026

CVE-2026-45495 Data

JSON