Absolute Path Traversal Vulnerability in Microsoft Edge for Android
CVE-2026-58300

6.2MEDIUM

Key Information:

Vendor

Microsoft

Vendor
CVE Published:
3 July 2026

What is CVE-2026-58300?

An absolute path traversal vulnerability in Microsoft Edge for Android allows unauthorized attackers to gain access to sensitive information stored locally on a device. This flaw can result in data leakage, which could expose personal or confidential user data. It is crucial for users to update their applications to the latest version to mitigate the risk associated with this vulnerability.

Affected Version(s)

Microsoft Edge (Chromium-based) 1.0.0.0 < 150.0.4078.48

References

CVSS V3.1

Score:
6.2
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.