Remote Code Execution Vulnerability in Microsoft Edge by Microsoft
CVE-2026-58294

7.5HIGH

Key Information:

Vendor

Microsoft

Vendor
CVE Published:
3 July 2026

What is CVE-2026-58294?

A use after free vulnerability in the Chromium-based Microsoft Edge allows attackers to execute arbitrary code remotely. This weakness can potentially be exploited over a network, leading to unauthorized control over affected systems. It is crucial for users to update their Microsoft Edge browser to the latest version to mitigate the risks associated with this vulnerability. For more information, refer to the Microsoft vendor advisory.

Affected Version(s)

Microsoft Edge (Chromium-based) 1.0.0.0 < 150.0.4078.48

References

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.