Description
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to cause denial of service, spoof user interface, execute arbitrary code, bypass security restrictions.
Below is a complete list of vulnerabilities:
- Out of bounds memory read vulnerability in V8 can be exploited to cause denial of service.
- Security UI vulnerability can be exploited to spoof user interface.
- Security UI vulnerability in Split View can be exploited to spoof user interface.
- Use after free vulnerability in ANGLE can be exploited to cause denial of service or execute arbitrary code.
- A security feature bypass vulnerability in Microsoft Edge (Chromium-based) can be exploited remotely to bypass security restrictions.
- Validation of untrusted input vulnerability in Downloads can be exploited to bypass security restrictions.
- Security vulnerability in Network can be exploited to bypass security restrictions.
- Implementation vulnerability in V8 can be exploited to cause denial of service.
- Security UI vulnerability in Digital Credentials can be exploited to spoof user interface.
- Implementation vulnerability in Blink can be exploited to cause denial of service.
Original advisories
- CVE-2026-0906
- CVE-2026-0907
- CVE-2026-0908
- CVE-2026-21223
- CVE-2026-0903
- CVE-2026-0905
- CVE-2026-0900
- CVE-2026-0904
- CVE-2026-0902
- CVE-2026-0901
Exploitation
Related products
CVE list
- CVE-2026-0903 high
- CVE-2026-0908 critical
- CVE-2026-0901 high
- CVE-2026-0900 critical
- CVE-2026-0904 high
- CVE-2026-0905 critical
- CVE-2026-0906 critical
- CVE-2026-0907 critical
- CVE-2026-0902 critical
- CVE-2026-0899 critical
- CVE-2026-21223 high
Read more
Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com
Found an inaccuracy in the description of this vulnerability? Let us know!