Edge Chromium
by Microsoft
CVEs (223)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-45495 | Hig | 0.57 | 8.8 | 0.01 | May 18, 2026 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | ||
| CVE-2026-41107 | Hig | 0.48 | 7.4 | 0.01 | May 12, 2026 | External control of file name or path in Microsoft Edge (Chromium-based) allows an unauthorized attacker to disclose information over a network. | ||
| CVE-2026-42891 | Med | 0.42 | 6.5 | 0.00 | May 12, 2026 | User interface (ui) misrepresentation of critical information in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network. | ||
| CVE-2026-45494 | Med | 0.35 | 5.4 | 0.00 | May 18, 2026 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | ||
| CVE-2026-45492 | Med | 0.35 | 5.4 | 0.00 | May 18, 2026 | Improper input validation in Microsoft Edge (Chromium-based) allows an unauthorized attacker to bypass a security feature over a network. | ||
| CVE-2026-0385 | Med | 0.33 | 5.0 | 0.00 | Mar 16, 2026 | Microsoft Edge (Chromium-based) for Android Spoofing Vulnerability | ||
| CVE-2026-40416 | Med | 0.28 | 4.3 | 0.00 | May 12, 2026 | User interface (ui) misrepresentation of critical information in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network. | ||
| CVE-2026-33118 | Med | 0.28 | 4.3 | 0.01 | Apr 10, 2026 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | ||
| CVE-2025-49741 | 0.04 | — | 0.03 | Jul 1, 2025 | No cwe for this issue in Microsoft Edge (Chromium-based) allows an unauthorized attacker to disclose information over a network. | |||
| CVE-2023-33145 | 0.04 | — | 0.09 | Jun 13, 2023 | Microsoft Edge (Chromium-based) Information Disclosure Vulnerability | |||
| CVE-2023-24892 | 0.04 | — | 0.04 | Mar 14, 2023 | Microsoft Edge (Chromium-based) Webview2 Spoofing Vulnerability | |||
| CVE-2024-21388 | 0.02 | — | 0.32 | Jan 30, 2024 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | |||
| CVE-2024-43566 | 0.01 | — | 0.01 | Oct 17, 2024 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | |||
| CVE-2024-30056 | 0.01 | — | 0.02 | May 25, 2024 | Microsoft Edge (Chromium-based) Information Disclosure Vulnerability | |||
| CVE-2023-21719 | 0.01 | — | 0.02 | Jan 23, 2023 | Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability | |||
| CVE-2022-24523 | 0.01 | — | 0.01 | Apr 5, 2022 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | |||
| CVE-2021-41351 | 0.01 | — | 0.04 | Nov 10, 2021 | Microsoft Edge (Chrome based) Spoofing on IE Mode | |||
| CVE-2021-30615 | 0.01 | — | 0.06 | Sep 3, 2021 | Chromium: CVE-2021-30615 Cross-origin data leak in Navigation | |||
| CVE-2019-1038 | 0.01 | — | 0.03 | Jun 12, 2019 | A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully… | |||
| CVE-2019-1023 | 0.01 | — | 0.05 | Jun 12, 2019 | An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. In a web-based… |
- risk 0.57cvss 8.8epss 0.01
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
- risk 0.48cvss 7.4epss 0.01
External control of file name or path in Microsoft Edge (Chromium-based) allows an unauthorized attacker to disclose information over a network.
- risk 0.42cvss 6.5epss 0.00
User interface (ui) misrepresentation of critical information in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.
- risk 0.35cvss 5.4epss 0.00
Microsoft Edge (Chromium-based) Spoofing Vulnerability
- risk 0.35cvss 5.4epss 0.00
Improper input validation in Microsoft Edge (Chromium-based) allows an unauthorized attacker to bypass a security feature over a network.
- risk 0.33cvss 5.0epss 0.00
Microsoft Edge (Chromium-based) for Android Spoofing Vulnerability
- risk 0.28cvss 4.3epss 0.00
User interface (ui) misrepresentation of critical information in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.
- risk 0.28cvss 4.3epss 0.01
Microsoft Edge (Chromium-based) Spoofing Vulnerability
- CVE-2025-49741Jul 1, 2025risk 0.04cvss —epss 0.03
No cwe for this issue in Microsoft Edge (Chromium-based) allows an unauthorized attacker to disclose information over a network.
- CVE-2023-33145Jun 13, 2023risk 0.04cvss —epss 0.09
Microsoft Edge (Chromium-based) Information Disclosure Vulnerability
- CVE-2023-24892Mar 14, 2023risk 0.04cvss —epss 0.04
Microsoft Edge (Chromium-based) Webview2 Spoofing Vulnerability
- CVE-2024-21388Jan 30, 2024risk 0.02cvss —epss 0.32
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
- CVE-2024-43566Oct 17, 2024risk 0.01cvss —epss 0.01
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
- CVE-2024-30056May 25, 2024risk 0.01cvss —epss 0.02
Microsoft Edge (Chromium-based) Information Disclosure Vulnerability
- CVE-2023-21719Jan 23, 2023risk 0.01cvss —epss 0.02
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability
- CVE-2022-24523Apr 5, 2022risk 0.01cvss —epss 0.01
Microsoft Edge (Chromium-based) Spoofing Vulnerability
- CVE-2021-41351Nov 10, 2021risk 0.01cvss —epss 0.04
Microsoft Edge (Chrome based) Spoofing on IE Mode
- CVE-2021-30615Sep 3, 2021risk 0.01cvss —epss 0.06
Chromium: CVE-2021-30615 Cross-origin data leak in Navigation
- CVE-2019-1038Jun 12, 2019risk 0.01cvss —epss 0.03
A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully…
- CVE-2019-1023Jun 12, 2019risk 0.01cvss —epss 0.05
An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. In a web-based…
Page 1 of 12