CVE-2026-58523
- EPSS 0.48%
- Veröffentlicht 03.07.2026 21:26:27
- Zuletzt bearbeitet 07.07.2026 22:58:03
Improper access control in Microsoft Edge for Android allows an unauthorized attacker to bypass a security feature over a network.
CVE-2026-58300
- EPSS 0.34%
- Veröffentlicht 03.07.2026 20:35:34
- Zuletzt bearbeitet 07.07.2026 22:48:09
Absolute path traversal in Microsoft Edge for Android allows an unauthorized attacker to disclose information locally.
CVE-2026-58296
- EPSS 0.3%
- Veröffentlicht 03.07.2026 20:35:33
- Zuletzt bearbeitet 07.07.2026 14:49:01
Exposure of private personal information to an unauthorized actor in Microsoft Edge for Android allows an unauthorized attacker to disclose information over a network.
CVE-2026-58297
- EPSS 0.31%
- Veröffentlicht 03.07.2026 20:35:33
- Zuletzt bearbeitet 07.07.2026 14:48:05
Exposure of private personal information to an unauthorized actor in Microsoft Edge for Android allows an unauthorized attacker to disclose information over a network.
CVE-2026-58522
- EPSS 0.32%
- Veröffentlicht 03.07.2026 20:35:17
- Zuletzt bearbeitet 07.07.2026 22:52:45
Relative path traversal in Microsoft Edge for Android allows an unauthorized attacker to disclose information locally.
CVE-2026-58299
- EPSS 0.27%
- Veröffentlicht 03.07.2026 20:35:16
- Zuletzt bearbeitet 07.07.2026 14:42:37
Time-of-check time-of-use (toctou) race condition in Microsoft Edge for Android allows an unauthorized attacker to execute code over a network.
CVE-2026-35429
- EPSS 0.5%
- Veröffentlicht 12.05.2026 16:59:04
- Zuletzt bearbeitet 01.06.2026 19:16:32
User interface (ui) misrepresentation of critical information in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.
CVE-2026-33119
- EPSS 0.31%
- Veröffentlicht 10.04.2026 21:20:37
- Zuletzt bearbeitet 14.04.2026 11:57:14
User interface (ui) misrepresentation of critical information in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.
CVE-2026-26133
- EPSS 0.43%
- Veröffentlicht 13.03.2026 21:10:13
- Zuletzt bearbeitet 09.04.2026 18:16:57
AI command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network.
CVE-2026-0102
- EPSS 0.46%
- Veröffentlicht 17.02.2026 19:14:32
- Zuletzt bearbeitet 19.02.2026 15:39:08
Under specific conditions, a malicious webpage may trigger autofill population after two consecutive taps, potentially without clear or intentional user consent. This could result in disclosure of stored autofill data such as addresses, email, or pho...