[CIVN-2026-0044] Multiple Vulnerabilities in Microsoft Edge
—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA256
Multiple Vulnerabilities in Microsoft Edge
Indian – Computer Emergency Response Team (https://www.cert-in.org.in)
Severity Rating: HIGH
Software Affected
Microsoft Edge versions prior to 144.0.3719.82
Overview
Multiple vulnerabilities have been reported in Microsoft Edge which could allow a remote attacker to execute arbitrary code, bypass security restriction and gain elevated privileges on the targeted system.
Target Audience:
All end user organizations and individuals using Microsoft Edge.
Risk Assessment:
High risk of unauthorized access to sensitive data, system compromise, service unavailability.
Impact Assessment:
Potential for remote code execution, sensitive data exposure, service disruption.
Description
Microsoft Edge is a web browser developed by Microsoft using the chromium engine, offering fast performance, enhanced Security and compatibility with modern web standards while integrating with Microsooft services.
Multiple vulnerabilities exist in Microsoft Edge due to Out of bounds memory access in V8, Inappropriate implementation in V8 and Blink, Insufficient validation of untrusted input in Downloads, Incorrect security UI in Digital Credentials, Insufficient policy enforcement in Network, Incorrect security UI in Split View, Use after free in ANGLE. A remote attacker could exploit these vulnerabilities by persuading a victim to visit a specially crafted web page.
Successful exploitation of these vulnerabilities could allow a remote attacker to execute arbitrary code, bypass security restriction and gain elevated privileges on the targeted system.
Solution
Apply appropriate fix/patches as mentioned:
https://learn.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security#january-14-2026
Vendor Information
Microsoft
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-0899
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-0900
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-0901
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-0902
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-0903
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-0904
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-0905
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-0906
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-0907
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-0908
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21223
References
Microsoft
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-0899
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-0900
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-0901
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-0902
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-0903
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-0904
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-0905
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-0906
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-0907
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-0908
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21223
CVE Name
CVE-2026-0899
CVE-2026-0900
CVE-2026-0901
CVE-2026-0902
CVE-2026-0903
CVE-2026-0904
CVE-2026-0905
CVE-2026-0906
CVE-2026-0907
CVE-2026-0908
CVE-2026-21223
– —
Thanks and Regards,
CERT-In
Incident Response Help Desk
e-mail: incident@cert-in.org.in
Phone: +91-11-22902657
Toll Free Number: 1800-11-4949
Toll Free Fax : 1800-11-6969
Web: http://www.cert-in.org.in
PGP Fingerprint: A768 083E 4475 5725 B81A A379 2156 C0C0 B620 D0B4
PGP Key information:
https://www.cert-in.org.in/s2cMainServlet?pageid=CONTACTUS
Postal address:
Indian Computer Emergency Response Team (CERT-In)
Ministry of Electronics and Information Technology
Government of India
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003
—–BEGIN PGP SIGNATURE—–
iQIzBAEBCAAdFiEE6r4Iam/Ey0c/KakL3jCgcSdcys8FAml0sZ4ACgkQ3jCgcSdc
ys9IAw//TJI/NrlLekHGAbvebYKYlYPh7iR8mOwvqxYH+9oXO1bXGS3qGajZJddw
EA5LGTspS1ElXSFjBLSyDQ8pFGgsKicbjBs83GSya+/JkHXRec/xmqYb9eAbltL5
i/0nHch0L5x+kW20ciYBP/EpOQZ5qTuBya9otPc7LcgnZh3mSRfGs/oN/8W5EwOQ
OX+tYZSSotjRfJfzzFQo6W50AEWysaeDeIzYv6HlcdkPSt4P3BbBLtulTHKRAAz0
zDc9zfBaYlb3/ht535TZYIZw1EfBwRDe9fIVLZoQDieQciqN4iSn7/pJUWXL5k3s
nGeqNSNsiO7WRdjBN7iNZ8AbYvvPLX2bsr/Pf7J9600Ef2tc5UPzbFjcMDzEfFeX
LsZxtXekUrDDDGMgJx7Z8Az8oYjIBxr0sNYnXU23MOx5dH46PRq6xaBR445HE6VD
Um5KNFRf+D2Bmpz7wKc+VeU75vuPZtwIar0pDLECuXRhEFCiLG+MILO/xq+rBuEm
Lz+oak9LBTw8XoygrWHrscGw/LBxMhvYBK8oNjjgr+cLiIJoALpTs8eiqpQoW/Z5
h6zBn9ggOHKK1UE7DNHtLBC9inRuLTH4jZPPW+zdxIqMbKz512porgwP+Jwk6yKk
aXBfobHPqnNA7rH9qOaEbBLYry3531Hac8MQirAzHG0aSTiXvek=
=/RAX
—–END PGP SIGNATURE—–
![[CIVN-2026-0045] Multiple Vulnerabilities in Mozilla Thunderbird](https://teamwin.in/wp-content/uploads/2025/06/certin-new-e1751351599950-500x383.png)
