Remote Code Execution in Microsoft Edge for Chromium-based Browsers
CVE-2026-57992

7.5HIGH

Key Information:

Vendor

Microsoft

Vendor
CVE Published:
3 July 2026

What is CVE-2026-57992?

A vulnerability exists in Microsoft Edge (Chromium-based) that may allow an unauthorized attacker to execute arbitrary code remotely. This issue arises from improper handling of certain objects in memory, leading to a condition known as 'use after free'. Attackers can leverage this vulnerability to gain control over affected systems, potentially compromising user data and device integrity. Microsoft has provided updates to mitigate this risk. Users are urged to install the latest patches to safeguard their systems.

Affected Version(s)

Microsoft Edge (Chromium-based) 1.0.0.0 < 150.0.4078.48

References

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.