CVE-2026-45494

Analyzed Analyzed - Analysis Complete

Microsoft Edge Spoofing Vulnerability

Publication date: 2026-05-18

Last updated on: 2026-05-19

Assigner: Microsoft Corporation

Description

Microsoft Edge (Chromium-based) Spoofing Vulnerability

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published

2026-05-18

Last Modified

2026-05-19

Generated

2026-06-30

AI Q&A

2026-05-19

EPSS Evaluated

2026-06-28

NVD

CVE-2026-45494

Affected Vendors & Products

Vendor	Product	Version / Range
microsoft	edge_chromium	to 148.0.3967.70 (exc)

Helpful Resources

Exploitability

CWE

KEV

CWE ID	Description
CWE-79	The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

Attack-Flow Graph

Executive Summary

This vulnerability is a spoofing issue in Microsoft Edge (Chromium-based). Spoofing vulnerabilities typically allow an attacker to deceive users or systems by presenting false information or impersonating legitimate entities.

Impact Analysis

The vulnerability can impact users by allowing attackers to perform spoofing attacks, potentially leading to users being tricked into trusting malicious content or websites. According to the CVSS score (5.4), the impact includes limited confidentiality and integrity loss, but no impact on availability.

Compliance Impact

The provided information does not specify how the Microsoft Edge (Chromium-based) Spoofing Vulnerability (CVE-2026-45494) affects compliance with common standards and regulations such as GDPR or HIPAA.

Mitigation Strategies

The vulnerability is a spoofing issue in Microsoft Edge (Chromium-based) with a moderate severity level.

To mitigate this vulnerability, it is recommended to apply any security updates or patches provided by Microsoft as soon as they become available.

Hi! I’m here to help you understand CVE-2026-45494. Ask me anything about the vulnerability, its impact, or mitigation strategies.

0/70