[CIVN-2026-0338] Multiple Vulnerabilities in Microsoft Edge
—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA256
Multiple Vulnerabilities in Microsoft Edge
Indian – Computer Emergency Response Team (https://www.cert-in.org.in)
Severity Rating: CRITICAL
Software Affected
Microsoft Edge versions prior to 149.0.4022.53
Overview
Multiple vulnerabilities have been reported in Microsoft Edge which could allow a remote attacker to execute arbitrary code, gain elevated privileges, obtain sensitive information, bypass security restriction, or cause denial-of-service (DoS) condition on the targeted system.
Target Audience:
All end user organizations and individuals using Microsoft Edge.
Risk Assessment:
High risk of unauthorized access to sensitive data, system compromise, service unavailability.
Impact Assessment:
Potential for remote code execution, sensitive data exposure, service disruption.
Description
Microsoft Edge is a web browser developed by Microsoft using the chromium engine, offering fast performance, enhanced security and compatibility with modern web standards while integrating with Microsoft services.
These vulnerabilities exists in Microsoft Edge due to Out of bounds write in ANGLE, GPU ; Use after free in ANGLE, WebAppInstalls, Autofill, Core, Input, SurfaceCapture, WebView, GPU, WebShare, Serial, USB, Messages ; Heap buffer overflow in ANGLE ; Inappropriate implementation in Accessibility, Payments, WebView, NFC, WebAPKs, Payments, Cronet, UI, CustomTabs ; Insufficient validation of untrusted input in Drag and Drop, Tab Group Sync, Custom Tabs, GPU, Navigation, Reader Mode, WebView ; Uninitialized Use in GPU ; Out of bounds read in Dawn ; Race in Geolocation ; Incorrect security UI in Contact Picker, Messages ; Policy bypass in WebView, Android Autofill ; Insufficient policy enforcement in PreviewTab, CustomTabs, WebAuthentication and Integer overflow in WebView. A remote attacker could exploit these vulnerabilities by persuading a victim to visit a specially crafted webpage.
Successful exploitation of these vulnerabilities could allow a remote attacker to execute arbitrary code, gain elevated privileges, obtain sensitive information, bypass security restriction, or cause denial-of-service (DoS) condition on the targeted system.
Solution
Apply appropriate updates as mentioned by the vendor:
https://learn.microsoft.com/en-us/deployedge/microsoft-edge-relnotes-security#june-8-2026
References
Microsoft Edge
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10883
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10892
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10923
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10929
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10934
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10953
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10959
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10967
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10984
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11007
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11010
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11012
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11019
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11029
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11034
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11035
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11045
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11064
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11065
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11072
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11077
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11080
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11082
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11097
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11108
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11119
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11127
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11131
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11145
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11148
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11163
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11167
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11172
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11175
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11178
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11188
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11215
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11226
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11247
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11263
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11270
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11278
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11287
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11290
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11291
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11295
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11297
CVE Name
CVE-2026-10883
CVE-2026-10892
CVE-2026-10923
CVE-2026-10929
CVE-2026-10934
CVE-2026-10953
CVE-2026-10959
CVE-2026-10967
CVE-2026-10984
CVE-2026-11007
CVE-2026-11010
CVE-2026-11012
CVE-2026-11019
CVE-2026-11029
CVE-2026-11034
CVE-2026-11035
CVE-2026-11045
CVE-2026-11064
CVE-2026-11065
CVE-2026-11072
CVE-2026-11077
CVE-2026-11080
CVE-2026-11082
CVE-2026-11097
CVE-2026-11108
CVE-2026-11119
CVE-2026-11127
CVE-2026-11131
CVE-2026-11145
CVE-2026-11148
CVE-2026-11163
CVE-2026-11167
CVE-2026-11172
CVE-2026-11175
CVE-2026-11178
CVE-2026-11188
CVE-2026-11215
CVE-2026-11226
CVE-2026-11247
CVE-2026-11263
CVE-2026-11270
CVE-2026-11278
CVE-2026-11287
CVE-2026-11290
CVE-2026-11291
CVE-2026-11295
CVE-2026-11297
– —
Thanks and Regards,
CERT-In
Incident Response Help Desk
e-mail: incident@cert-in.org.in
Phone: +91-11-22902657
Toll Free Number: 1800-11-4949
Toll Free Fax : 1800-11-6969
Web: http://www.cert-in.org.in
PGP Fingerprint: A768 083E 4475 5725 B81A A379 2156 C0C0 B620 D0B4
PGP Key information:
https://www.cert-in.org.in/s2cMainServlet?pageid=CONTACTUS
Postal address:
Indian Computer Emergency Response Team (CERT-In)
Ministry of Electronics and Information Technology
Government of India
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003
—–BEGIN PGP SIGNATURE—–
iQIzBAEBCAAdFiEE6r4Iam/Ey0c/KakL3jCgcSdcys8FAmo78eYACgkQ3jCgcSdc
ys/S9A/+LNM8oJTQx/1dBJL6UJAOf9UQhhKaTqKKSxUDI/bVSXji3pu3nX72IICi
8qo38L5nsfd+N7j6dPOaQ8Tk9mUCk125z9IUC8qcbqWqwssHWytii3l2BQqBE9s+
WE1pXtQKxCSjn6YjQqQGJTCHz2uXinMpGjDEv6ebnnG2ofxSMYHDY0GYtzKT43s6
7/xr6JSjuxUAPWF0d4ts7wFje5zIbKXtuOxNnLv24+hOZ/jm+ByJHbuLnc5hhT6A
f2rHxAFbs0KjMhzvFeQ8TiO6tU/Pzz+zp4A2L30gbDKW9l/1kln4XcKSXuqFd6H+
y+tWyp6VRid9T1xoPic+UGN0or/X+CVxgvYXpndQp1waoC0U2Hr90zRNGsOSGqDw
RvHeYsUL9Eva22IALX3rktd5kaBbvX43DLDfJjvc/YjUe9NmJcky71rasuG1oMCd
onH5+ftYvDykrssDWIsyTeTuS7c7pqcELx8oKBjn+hKvNJa5kMOmITzFv7Ivsorh
7gcPoLYhKkmWkve3BQ7dJ9zPxGgcdYMtGUnrl5fXkcMPX/3mOt1SEoYbeJTKLc7E
c7qXYHfpa7HJYj3KNsoeif2aIiDJ+GuA6hKqoXfgFcbvgmJZX7DcT88niAlg7cES
oV/z0rodOfoj6LEUhRHuY//pxoAJvaq1ReU5eteYRkydW4r9hhM=
=bxf0
—–END PGP SIGNATURE—–
![[CIVN-2026-0340] Multiple Vulnerabilities in NGINX](https://teamwin.in/wp-content/uploads/2025/06/certin-new-e1751351599950-500x383.png)
