Improper Authorization in Microsoft Edge Allows Remote Code Execution
CVE-2026-58284

8.3HIGH

Key Information:

Vendor

Microsoft

Vendor
CVE Published:
3 July 2026

What is CVE-2026-58284?

An improper authorization flaw in Microsoft Edge (Chromium-based) can potentially allow attackers to execute arbitrary code remotely. This vulnerability could be exploited over a network if an unauthorized user successfully targets a vulnerable instance of the browser. Users are encouraged to apply the latest updates and follow security best practices to mitigate risks associated with this vulnerability.

Affected Version(s)

Microsoft Edge (Chromium-based) 1.0.0.0 < 150.0.4078.48

References

CVSS V3.1

Score:
8.3
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.