—–BEGIN PGP SIGNED MESSAGE—–

Hash: SHA256

Vulnerability in Microsoft Edge

Indian – Computer Emergency Response Team (https://www.cert-in.org.in)

Severity Rating: MEDIUM

Software Affected

Microsoft Edge versions prior to 144.0.3719.104

Overview

A vulnerability has been reported in Microsoft Edge (Chromium-based) which could allow a remote attacker to obtain sensitive information on the targeted system.

Target Audience:

All end-user organizations and individuals using Microsoft Edge (Chromium-based).

Risk Assessment:

High risk of unauthorized access to sensitive data.

Impact Assessment:

Potential for sensitive data exposure.

Description

Microsoft Edge (Chromium-based) is a web browser developed by Microsoft using the Chromium engine, offering fast performance, enhanced security, and compatibility with modern web standards while integrating with Microsoft services.

A vulnerability exists in Microsoft Edge due to inappropriate implementation in Background Fetch API. A remote attacker could exploit this vulnerability by persuading a victim to visit a specially crafted Website.

Successful exploitation of this vulnerability could allow a remote attacker to obtain sensitive information on the targeted system.

Solution

Apply the security updates released by Microsoft:

https://learn.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security#january-29-2026

Vendor Information

Microsoft

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-1504

References

Microsoft

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-1504

CVE Name

CVE-2026-1504

 

– —

Thanks and Regards,

CERT-In

Incident Response Help Desk

e-mail: incident@cert-in.org.in

Phone: +91-11-22902657

Toll Free Number: 1800-11-4949

Toll Free Fax : 1800-11-6969

Web: http://www.cert-in.org.in

PGP Fingerprint: A768 083E 4475 5725 B81A A379 2156 C0C0 B620 D0B4

PGP Key information:

https://www.cert-in.org.in/s2cMainServlet?pageid=CONTACTUS

Postal address:

Indian Computer Emergency Response Team (CERT-In)

Ministry of Electronics and Information Technology

Government of India

Electronics Niketan

6, C.G.O. Complex

New Delhi-110 003

—–BEGIN PGP SIGNATURE—–

iQIzBAEBCAAdFiEE6r4Iam/Ey0c/KakL3jCgcSdcys8FAmmHLksACgkQ3jCgcSdc

ys/mDA//YO2yFTcRNP6gK18ncc2S/CrlRNxlS5m0U0yBnoWcDaM9GnKmHYDKMSoD

YK+rkhIVxbWptya0ekBTrCyyDoNyRPVWbI9AyQayEfSevA+nu0I8rk9IxmY8XLU0

nwEU0kxPRc1oaf6Xl7BzNdPpfwm65OSKlbz5SYlEVR88sp4bf6uKCcUPgc3AmL1B

TR4UtQ/UGqFutGvFGOqx9DQMARDYmODlSj55EeAQA9I7XH+FWN0gbbasnUPfKkB/

0DAXhqg8tDbxnF+DpsMfm4Vo3JE9fAzGtHEM19spOPLs+nVPQTBmmQuPlvqZAUH4

09oozGHwKMe2bJFjyvOIXfvosDDoESKrxvLU/gtMyTarHCU/LCI2dLHO5a3CQKsG

jymoXGDh1mHxZmrK5AL6EmA+2nDLbfyGNrRPt+tOmG7uBVRgfnq7qWKMNOMaP2WT

3UmkdA01cePgrL7Kf86iIvKH9kGvIHEjKSoR8NOwOTg8mjhwgI0KgLhZtogCg7LQ

8f1qOtW5z1sx4f6b7JBXawsJlqn7l2Hg7N/gkH9Hh3t1Agv/4LFag/us0OTKCCh8

wIMOY5ZjIhSAOj/Q6SNW7vkTyQdhBD46fTVbzdYrJJFFxrwNzbiGA3uOup+E8JV3

xKLB/pzGEQy1S2IWOT+CPljYkLDNnxoQCHio/59FtlaDvH+sOQU=

=7ea8

—–END PGP SIGNATURE—–