Remote Code Execution Vulnerability in Microsoft Edge (Chromium-based)
CVE-2026-58281

8.3HIGH

Key Information:

Vendor

Microsoft

Vendor
CVE Published:
11 July 2026

What is CVE-2026-58281?

A deserialization flaw in Microsoft Edge (Chromium-based) allows unauthorized attackers to exploit untrusted data sent over the network, potentially executing arbitrary code on the victim's machine. User interaction is not required for successful exploitation, making this vulnerability particularly dangerous. Microsoft has issued a patch to address this issue, and users are urged to update their browsers immediately to mitigate the risk.

Affected Version(s)

Microsoft Edge (Chromium-based) 1.0.0.0 < 150.0.4078.48

References

CVSS V3.1

Score:
8.3
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.