説明
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to inject malicious code, cause denial of service, obtain sensitive information, execute arbitrary code, bypass security restrictions, gain privileges.
Below is a complete list of vulnerabilities:
- Uninitialized Use in GPU in Google Chrome сan be exploited remotely to code injection.
- Denial of service vulnerability can be exploited remotely to cause denial of service.
- Inappropriate implementation vulnerability in Autofill can be exploited remotely to obtain cross-origin data.
- A remote code execution vulnerability can be exploited remotely to execute arbitrary code.
- Use after free vulnerability in Digital Credentials on Mac can be exploited remotely to cause denial of service or execute arbitrary code.
- Inappropriate implementation vulnerability in DeviceBoundSessionCredentials can be exploited remotely to bypass same origin policy.
- Uninitialized use vulnerability in GPU can be exploited remotely to obtain potentially sensitive information from process memory.
- A remote code execution vulnerability in Microsoft Edge (Chromium-based) can be exploited remotely to execute arbitrary code.
- Use after free in Passwords in Google Chrome can be exploited to cause denial of service or execute arbitrary code.
- Use after free vulnerability in Autofill on Windows can be exploited remotely to execute arbitrary code.
- Insufficient validation of untrusted input vulnerability in Navigation can be exploited remotely to bypass site isolation.
- Inappropriate implementation in WebView in Google Chrome can be exploited to bypass security restrictions.
- Inappropriate implementation in WebView in Google Chrome can be exploited remotely to gain privileges.
- Inappropriate implementation vulnerability in Passwords can be exploited remotely to bypass site isolation.
- Use after free vulnerability in Bluetooth on Mac can be exploited remotely to execute arbitrary code via a malicious peripheral.
- Out of bounds read and write vulnerability in Blink InterestGroups can be exploited remotely to execute arbitrary code.
- Use after free vulnerability in Web Authentication can be exploited via a crafted Chrome Extension to cause denial of service or execute arbitrary code.
- A remote code execution vulnerability in Printing can be exploited remotely to execute arbitrary code.
- Use after free vulnerability in FileSystem can be exploited remotely to cause denial of service or execute arbitrary code.
- Use after free vulnerability in Blink can be exploited remotely to execute arbitrary code inside a sandbox.
- Race vulnerability in DevTools can be exploited remotely to bypass security restrictions by performing a sandbox escape.
オリジナルアドバイザリー
- CVE-2026-12032
- CVE-2026-13022
- CVE-2026-12028
- CVE-2026-13026
- CVE-2026-13021
- CVE-2026-13023
- CVE-2026-50521
- CVE-2026-12442
- CVE-2026-13038
- CVE-2026-13024
- CVE-2026-12438
- CVE-2026-12448
- CVE-2026-13034
- CVE-2026-13035
- CVE-2026-13033
- CVE-2026-13029
- CVE-2026-11647
- CVE-2026-13027
- CVE-2026-13036
- CVE-2026-12030
- CVE-2026-13025
- CVE-2026-13031
エクスプロイテーション
Public exploits exist for this vulnerability.
関連製品
CVEリスト
- CVE-2026-11647 critical
- CVE-2026-12028 critical
- CVE-2026-12030 critical
- CVE-2026-12032 warning
- CVE-2026-12442 critical
- CVE-2026-12438 critical
- CVE-2026-12469 warning
- CVE-2026-12448 critical
- CVE-2026-13021 warning
- CVE-2026-13022 high
- CVE-2026-13023 high
- CVE-2026-13024 warning
- CVE-2026-13025 critical
- CVE-2026-13026 critical
- CVE-2026-13027 critical
- CVE-2026-13029 critical
- CVE-2026-13031 critical
- CVE-2026-13033 critical
- CVE-2026-13034 warning
- CVE-2026-13035 critical
- CVE-2026-13036 critical
- CVE-2026-13038 critical
- CVE-2026-50521 critical
も参照してください
お住まいの地域に広がる脆弱性の統計をご覧ください statistics.securelist.com
この脆弱性についての記述に不正確な点がありますか? お知らせください!