Server-Side Request Forgery Vulnerability in Microsoft Edge by Microsoft
CVE-2026-58278

5.4MEDIUM

Key Information:

Vendor

Microsoft

Vendor
CVE Published:
3 July 2026

What is CVE-2026-58278?

A server-side request forgery (SSRF) vulnerability exists in Microsoft Edge (Chromium-based), allowing unauthorized attackers to exploit the browser for network spoofing attacks. This vulnerability could enable malicious users to send unauthorized requests to internal resources, potentially leading to security breaches.

Affected Version(s)

Microsoft Edge (Chromium-based) 1.0.0.0 < 150.0.4078.48

References

CVSS V3.1

Score:
5.4
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.