Solutions pour:
Particuliers
Petites entreprises
Moyennes entreprises
Grandes entreprises
Vulnérabilités Menaces
Accueil Vulnérabilités

Multiple vulnerabilities in Microsoft Browser

Kaspersky ID:
KLA91045
Date de la détection:
05/15/2026
Mis à jour:
05/18/2026

Description

Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, bypass security restrictions, spoof user interface, obtain sensitive information.

Below is a complete list of vulnerabilities:

  1. A remote code execution vulnerability in Input can be exploited remotely to execute arbitrary code.
  2. A remote code execution vulnerability in Extensions can be exploited remotely to execute arbitrary code.
  3. Denial of service vulnerability in FileSystem can be exploited remotely to cause denial of service.
  4. Denial of service vulnerability in Media can be exploited remotely to cause denial of service.
  5. Denial of service vulnerability in GPU can be exploited remotely to cause denial of service.
  6. Denial of service vulnerability in UI can be exploited remotely to cause denial of service.
  7. A remote code execution vulnerability in GTK can be exploited remotely to execute arbitrary code.
  8. Denial of service vulnerability in WebAudio can be exploited remotely to cause denial of service.
  9. A remote code execution vulnerability in HID can be exploited remotely to execute arbitrary code.
  10. A remote code execution vulnerability in Blink can be exploited remotely to execute arbitrary code.
  11. A remote code execution vulnerability in ANGLE can be exploited remotely to execute arbitrary code.
  12. Security vulnerability in Network can be exploited to bypass security restrictions.
  13. A remote code execution vulnerability in Core can be exploited remotely to execute arbitrary code.
  14. A remote code execution vulnerability in Google Lens can be exploited remotely to execute arbitrary code.
  15. Denial of service vulnerability in Chromoting can be exploited remotely to cause denial of service.
  16. A remote code execution vulnerability in Internationalization can be exploited remotely to execute arbitrary code.
  17. Security vulnerability in Passwords can be exploited to bypass security restrictions.
  18. Denial of service vulnerability in WebML can be exploited remotely to cause denial of service.
  19. A spoofing vulnerability in Microsoft Edge (Chromium-based) can be exploited remotely to spoof user interface.
  20. Security vulnerability in IFrame Sandbox can be exploited to bypass security restrictions.
  21. A remote code execution vulnerability in GPU can be exploited remotely to execute arbitrary code.
  22. A remote code execution vulnerability in Mojo can be exploited remotely to execute arbitrary code.
  23. A remote code execution vulnerability in Media can be exploited remotely to execute arbitrary code.
  24. A remote code execution vulnerability in Fonts can be exploited remotely to execute arbitrary code.
  25. A remote code execution vulnerability in Codecs can be exploited remotely to execute arbitrary code.
  26. Denial of service vulnerability in V8 can be exploited remotely to cause denial of service.
  27. A remote code execution vulnerability in Downloads can be exploited remotely to execute arbitrary code.
  28. Denial of service vulnerability in DataTransfer can be exploited remotely to cause denial of service.
  29. A remote code execution vulnerability in Microsoft Edge (Chromium-based) can be exploited remotely to execute arbitrary code.
  30. Denial of service vulnerability in ANGLE can be exploited remotely to cause denial of service.
  31. Security vulnerability in GPU can be exploited to bypass security restrictions.
  32. A remote code execution vulnerability in UI can be exploited remotely to execute arbitrary code.
  33. Denial of service vulnerability in Downloads can be exploited remotely to cause denial of service.
  34. A remote code execution vulnerability in XML can be exploited remotely to execute arbitrary code.
  35. A remote code execution vulnerability in Accessibility can be exploited remotely to execute arbitrary code.
  36. Denial of service vulnerability in Skia can be exploited remotely to cause denial of service.
  37. Denial of service vulnerability in WebRTC can be exploited remotely to cause denial of service.
  38. A remote code execution vulnerability in Dawn can be exploited remotely to execute arbitrary code.
  39. Denial of service vulnerability in SwiftShader can be exploited remotely to cause denial of service.
  40. Denial of service vulnerability in SiteIsolation can be exploited remotely to cause denial of service.
  41. Denial of service vulnerability in CORS can be exploited remotely to cause denial of service.
  42. Security vulnerability in AI can be exploited to bypass security restrictions.
  43. A remote code execution vulnerability in WebShare can be exploited remotely to execute arbitrary code.
  44. A remote code execution vulnerability in Skia can be exploited remotely to execute arbitrary code.
  45. Information disclosure vulnerability in Navigation can be exploited to obtain sensitive information.
  46. Denial of service vulnerability in Views can be exploited remotely to cause denial of service.
  47. A security feature bypass vulnerability in Microsoft Edge (Chromium-based) can be exploited remotely to bypass security restrictions.
  48. A remote code execution vulnerability in FileSystem can be exploited remotely to execute arbitrary code.
  49. Security UI vulnerability in Fullscreen can be exploited to spoof user interface.
  50. Security vulnerability in ViewTransitions can be exploited to bypass security restrictions.
  51. Security vulnerability in Payments can be exploited to bypass security restrictions.
  52. Security vulnerability in SanitizerAPI can be exploited to bypass security restrictions.
  53. Denial of service vulnerability in Codecs can be exploited remotely to cause denial of service.
  54. Security vulnerability in Compositing can be exploited to bypass security restrictions.
  55. A remote code execution vulnerability in Aura can be exploited remotely to execute arbitrary code.
  56. Denial of service vulnerability in ReadingMode can be exploited remotely to cause denial of service.
  57. A remote code execution vulnerability in Network can be exploited remotely to execute arbitrary code.
  58. Denial of service vulnerability in Fonts can be exploited remotely to cause denial of service.

Fiches de renseignement originales

Produits associés

Liste CVE

  • CVE-2026-8509
    critical
  • CVE-2026-8510
    critical
  • CVE-2026-8511
    critical
  • CVE-2026-8512
    critical
  • CVE-2026-8513
    critical
  • CVE-2026-8514
    critical
  • CVE-2026-8515
    critical
  • CVE-2026-8516
    high
  • CVE-2026-8517
    critical
  • CVE-2026-8518
    critical
  • CVE-2026-8519
    critical
  • CVE-2026-8523
    critical
  • CVE-2026-8524
    critical
  • CVE-2026-8525
    critical
  • CVE-2026-8526
    critical
  • CVE-2026-8527
    critical
  • CVE-2026-8528
    warning
  • CVE-2026-8529
    critical
  • CVE-2026-8530
    critical
  • CVE-2026-8531
    critical
  • CVE-2026-8532
    critical
  • CVE-2026-8533
    critical
  • CVE-2026-8534
    critical
  • CVE-2026-8535
    high
  • CVE-2026-8536
    warning
  • CVE-2026-8537
    warning
  • CVE-2026-8538
    high
  • CVE-2026-8539
    high
  • CVE-2026-8540
    critical
  • CVE-2026-8541
    high
  • CVE-2026-8542
    critical
  • CVE-2026-8543
    high
  • CVE-2026-8544
    critical
  • CVE-2026-8545
    warning
  • CVE-2026-8546
    high
  • CVE-2026-8547
    critical
  • CVE-2026-8548
    critical
  • CVE-2026-8549
    critical
  • CVE-2026-8550
    high
  • CVE-2026-8551
    critical
  • CVE-2026-8552
    warning
  • CVE-2026-8553
    warning
  • CVE-2026-8554
    warning
  • CVE-2026-8555
    critical
  • CVE-2026-8556
    warning
  • CVE-2026-8557
    critical
  • CVE-2026-8558
    critical
  • CVE-2026-8559
    warning
  • CVE-2026-8560
    warning
  • CVE-2026-8561
    high
  • CVE-2026-8562
    warning
  • CVE-2026-8563
    warning
  • CVE-2026-8565
    warning
  • CVE-2026-8566
    warning
  • CVE-2026-8567
    warning
  • CVE-2026-8568
    warning
  • CVE-2026-8569
    critical
  • CVE-2026-8570
    high
  • CVE-2026-8571
    critical
  • CVE-2026-8572
    warning
  • CVE-2026-8573
    critical
  • CVE-2026-8575
    critical
  • CVE-2026-8576
    warning
  • CVE-2026-8577
    critical
  • CVE-2026-8578
    warning
  • CVE-2026-8579
    warning
  • CVE-2026-8580
    critical
  • CVE-2026-8581
    critical
  • CVE-2026-8582
    high
  • CVE-2026-8584
    warning
  • CVE-2026-8585
    critical
  • CVE-2026-8586
    high
  • CVE-2026-8587
    critical
  • CVE-2026-45494
    high
  • CVE-2026-45495
    critical
  • CVE-2026-45492
    high

En savoir plus

Découvrez les statistiques de la propagation des vulnérabilités dans votre région statistics.securelist.com

Vous avez trouvé une inexactitude dans la description de cette vulnérabilité ? Faites-le nous savoir !
Kaspersky IT Security Calculator:
Calculez le profil de sécurité de votre entreprise
Apprendre encore plus
Kaspersky!
Votre vie en ligne mérite une protection complète!
Apprendre encore plus
Related articles
18 May 2026
Securelist
IT threat evolution in Q1 2026. Mobile statistics
18 May 2026
Securelist
IT threat evolution in Q1 2026. Non-mobile statistics
14 May 2026
Securelist
Kimsuky targets organizations with PebbleDash-based tools
12 May 2026
Securelist
State of ransomware in 2026
08 May 2026
Securelist
CVE-2025-68670: discovering an RCE vulnerability in xrdp
07 May 2026
Securelist
Exploits and vulnerabilities in Q1 2026
Vous avez trouvé une inexactitude dans la description de cette vulnérabilité ?
Si vous avez découvert une nouvelle menace ou vulnérabilité, veuillez nous en informer par e-mail :
newvirus@kaspersky.com
Vous avez découvert une nouvelle menace ou vulnérabilité ?
Si vous avez découvert une nouvelle menace ou vulnérabilité, veuillez nous en informer par e-mail :
newvirus@kaspersky.com
Solutions pour
Particuliers
Petites entreprises
Moyennes entreprises
Grandes entreprises
Select language
Severity level
Critical
High
Warning
Sorting
Kaspersky ID
Vulnérabilité
Detect date
Sévérité
You must select at least one severity level
Do you want to save your changes?
Your message has been sent successfully.