Improper Access Control in Microsoft Edge by Microsoft
CVE-2026-58286

8.1HIGH

Key Information:

Vendor

Microsoft

Vendor
CVE Published:
3 July 2026

What is CVE-2026-58286?

A flaw in Microsoft Edge (Chromium-based) enables unauthorized attackers to exploit improper access control mechanisms, potentially leading to spoofing attacks over a network. This vulnerability poses a risk of allowing malicious entities to impersonate legitimate users or services, compromising the integrity and confidentiality of data. Users are advised to review the advisory and apply relevant patches to mitigate the risks associated with this issue.

Affected Version(s)

Microsoft Edge (Chromium-based) 1.0.0.0 < 150.0.4078.48

References

CVSS V3.1

Score:
8.1
Severity:
HIGH
Confidentiality:
Low
Integrity:
High
Availability:
Low
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.