Server-Side Request Forgery in Microsoft Edge by Microsoft
CVE-2026-57987

6.5MEDIUM

Key Information:

Vendor

Microsoft

Vendor
CVE Published:
3 July 2026

What is CVE-2026-57987?

A vulnerability in Microsoft Edge (Chromium-based) allows an unauthorized attacker to exploit a server-side request forgery (SSRF) condition. This security flaw can potentially enable the attacker to perform network spoofing, compromising server integrity and confidentiality. Users of the affected product should apply the latest patches and security updates provided by Microsoft to mitigate any associated risks.

Affected Version(s)

Microsoft Edge (Chromium-based) 1.0.0.0 < 150.0.4078.48

References

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.