CVE-2026-58285 – Microsoft Edge (Chromium-based)

CVSS 8.3 IMPORTANT Critical or Zero Day – Immediate Deployment

“A browser patch this large closes risk at the front door of the enterprise.”

Microsoft patched a broad set of vulnerabilities in Microsoft Edge (Chromium-based) covering memory safety, access control, path handling, input validation, information disclosure, SSRF, race condition, and cross-site scripting issues. The update includes one Critical vulnerability and multiple High-severity vulnerabilities, with several issues carrying remote code execution or elevation-of-privilege impact.

CVE-2026-58289 has a CVSS score of 9.0, which is Critical severity. All remaining listed CVEs are High severity, with scores ranging from 7.1 to 8.8. Verified exploitation has not been reported.

Key Details

Affected Product
Microsoft Edge Chromium
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
Required
CWE Classification
CWE-843
Patch this CVE on all your endpoints in under 5 minutes. First 200 endpoints are free forever, scale as needed.