Description

Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, bypass security restrictions.

Below is a complete list of vulnerabilities:

1. Denial of service vulnerability in PDFium can be exploited remotely to cause denial of service.
2. Denial of service vulnerability in V8 can be exploited remotely to cause denial of service.
3. A remote code execution vulnerability in Prerender can be exploited remotely to execute arbitrary code.
4. Security vulnerability in CORS can be exploited to bypass security restrictions.
5. A remote code execution vulnerability in Codecs can be exploited remotely to execute arbitrary code.
6. Denial of service vulnerability in Media can be exploited remotely to cause denial of service.
7. A remote code execution vulnerability in CSS can be exploited remotely to execute arbitrary code.
8. A remote code execution vulnerability in FileSystem can be exploited remotely to execute arbitrary code.
9. A remote code execution vulnerability in Video can be exploited remotely to execute arbitrary code.
10. Security vulnerability in Passwords can be exploited to bypass security restrictions.
11. A remote code execution vulnerability in Graphite can be exploited remotely to execute arbitrary code.
12. Denial of service vulnerability in ANGLE can be exploited remotely to cause denial of service.
13. Denial of service vulnerability in GPU can be exploited remotely to cause denial of service.
14. Denial of service vulnerability in Turbofan can be exploited remotely to cause denial of service.
15. Denial of service vulnerability in Accessibility can be exploited remotely to cause denial of service.
16. A remote code execution vulnerability in Viz can be exploited remotely to execute arbitrary code.
17. A remote code execution vulnerability in Forms can be exploited remotely to execute arbitrary code.
18. Denial of service vulnerability in Skia can be exploited remotely to cause denial of service.
19. A remote code execution vulnerability in Cast can be exploited remotely to execute arbitrary code.
20. A remote code execution vulnerability in Proxy can be exploited remotely to execute arbitrary code.
21. A remote code execution vulnerability in Dawn can be exploited remotely to execute arbitrary code.

Original advisories

• CVE-2026-6361

• CVE-2026-6363
• CVE-2026-6299
• CVE-2026-6313
• CVE-2026-6362
• CVE-2026-6318
• CVE-2026-6308
• CVE-2026-6300
• CVE-2026-6360
• CVE-2026-6302
• CVE-2026-6312
• CVE-2026-6304
• CVE-2026-6303
• CVE-2026-6296
• CVE-2026-6305
• CVE-2026-6314
• CVE-2026-6307
• CVE-2026-6311
• CVE-2026-6309
• CVE-2026-6316
• CVE-2026-6364
• CVE-2026-6317
• CVE-2026-6298
• CVE-2026-6359
• CVE-2026-6297
• CVE-2026-6306
• CVE-2026-6310
• CVE-2026-6301

Exploitation

Related products

• Microsoft-Edge

CVE list

• CVE-2026-6296
  critical
• CVE-2026-6297
  critical
• CVE-2026-6298
  warning
• CVE-2026-6299
  critical
• CVE-2026-6359
  critical
• CVE-2026-6300
  critical
• CVE-2026-6301
  critical
• CVE-2026-6302
  critical
• CVE-2026-6303
  critical
• CVE-2026-6304
  critical
• CVE-2026-6305
  critical
• CVE-2026-6306
  critical
• CVE-2026-6307
  critical
• CVE-2026-6308
  critical
• CVE-2026-6309
  critical
• CVE-2026-6360
  critical
• CVE-2026-6310
  critical
• CVE-2026-6311
  critical
• CVE-2026-6312
  warning
• CVE-2026-6313
  warning
• CVE-2026-6314
  critical
• CVE-2026-6316
  critical
• CVE-2026-6361
  high
• CVE-2026-6362
  high
• CVE-2026-6317
  critical
• CVE-2026-6363
  critical
• CVE-2026-6318
  critical
• CVE-2026-6364
  high

Read more

Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com