Описание
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to cause denial of service, spoof user interface, obtain sensitive information, execute arbitrary code, bypass security restrictions.
Below is a complete list of vulnerabilities:
- Heap buffer overflow vulnerability in WebML can be exploited to cause denial of service.
- Incorrect security UI vulnerability in Omnibox can be exploited to spoof user interface.
- Uninitialized Use vulnerability in WebCodecs can be exploited to obtain sensitive information.
- Use after free vulnerability in V8 can be exploited to cause denial of service or execute arbitrary code.
- Use after free vulnerability in WebRTC can be exploited to cause denial of service or execute arbitrary code.
- Race vulnerability in V8 can be exploited to obtain sensitive information.
- Insufficient validation of untrusted input vulnerability in Media can be exploited remotely to execute arbitrary code.
- Inappropriate implementation vulnerability in Navigation can be exploited to cause denial of service.
- Insufficient policy enforcement vulnerability in browser UI can be exploited to spoof user interface.
- Use after free vulnerability in Blink can be exploited to cause denial of service or execute arbitrary code.
- Incorrect security UI vulnerability in browser UI can be exploited to spoof user interface.
- Incorrect security UI vulnerability in History Navigation can be exploited to spoof user interface.
- Integer overflow vulnerability in Media can be exploited to cause denial of service.
- Incorrect security UI vulnerability in Blink can be exploited to spoof user interface.
- Policy bypass vulnerability in Downloads can be exploited to bypass security restrictions.
- Insufficient validation of untrusted input vulnerability in Downloads can be exploited remotely to execute arbitrary code.
- Policy bypass vulnerability in LocalNetworkAccess can be exploited to bypass security restrictions.
- Race vulnerability in WebCodecs can be exploited to obtain sensitive information.
- Use after free vulnerability in PrivateAI can be exploited to cause denial of service or execute arbitrary code.
- Insufficient validation of untrusted input vulnerability in ANGLE can be exploited remotely to execute arbitrary code.
- Use after free vulnerability in Media can be exploited to cause denial of service or execute arbitrary code.
- Insufficient validation of untrusted input vulnerability in WebML can be exploited remotely to execute arbitrary code.
- Out of bounds read and write vulnerability in V8 can be exploited to cause denial of service.
- Policy bypass vulnerability in DevTools can be exploited to bypass security restrictions.
- Race vulnerability in Media can be exploited to obtain sensitive information.
- Insufficient validation of untrusted input vulnerability in WebSockets can be exploited remotely to execute arbitrary code.
- Side-channel information leakage vulnerability in Navigation can be exploited to obtain sensitive information.
- Policy bypass vulnerability in Blink can be exploited to bypass security restrictions.
- A spoofing vulnerability in Microsoft Edge (Chromium-based) for Android can be exploited remotely to spoof user interface.
- Incorrect security UI vulnerability in Permissions can be exploited to spoof user interface.
- Insufficient policy enforcement vulnerability in PWAs can be exploited to spoof user interface.
- Incorrect security UI vulnerability in Fullscreen can be exploited to spoof user interface.
- Integer overflow vulnerability in WebRTC can be exploited to cause denial of service.
- Policy bypass vulnerability in ServiceWorkers can be exploited to bypass security restrictions.
- Use after free vulnerability in Navigation can be exploited to cause denial of service or execute arbitrary code.
- Out of bounds read vulnerability in Blink can be exploited to cause denial of service.
- Inappropriate implementation vulnerability in PDF can be exploited to cause denial of service.
- Policy bypass vulnerability in IFrameSandbox can be exploited to bypass security restrictions.
- Integer overflow vulnerability in Skia can be exploited to cause denial of service.
- Heap buffer overflow vulnerability in ANGLE can be exploited to cause denial of service.
- Incorrect security UI vulnerability in Downloads can be exploited to spoof user interface.
- Cryptographic Flaw vulnerability in PDFium can be exploited to obtain sensitive information.
- Out of bounds read vulnerability in WebAudio can be exploited to cause denial of service.
- Inappropriate implementation vulnerability in V8 can be exploited to cause denial of service.
- Heap buffer overflow vulnerability in WebAudio can be exploited to cause denial of service.
- Insufficient data validation vulnerability in Media can be exploited to cause denial of service.
- Policy bypass vulnerability in Audio can be exploited to bypass security restrictions.
- Type confusion vulnerability in V8 can be exploited to cause denial of service.
- A spoofing vulnerability in Microsoft Edge (Chromium-based) can be exploited remotely to spoof user interface.
- Integer overflow vulnerability in WebML can be exploited to cause denial of service.
- Type confusion vulnerability in CSS can be exploited to cause denial of service.
Первичный источник обнаружения
- CVE-2026-5867
CVE-2026-5906
CVE-2026-5888
CVE-2026-5904
CVE-2026-5860
CVE-2026-5893
CVE-2026-5884
CVE-2026-5918
CVE-2026-5891
CVE-2026-5872
CVE-2026-5880
CVE-2026-5899
CVE-2026-5910
CVE-2026-5878
CVE-2026-5900
CVE-2026-5887
CVE-2026-5881
CVE-2026-5890
CVE-2026-5874
CVE-2026-5879
CVE-2026-5883
CVE-2026-5915
CVE-2026-5873
CVE-2026-5901
CVE-2026-5902
CVE-2026-5919
CVE-2026-5876
CVE-2026-5875
CVE-2026-33119
CVE-2026-5895
CVE-2026-5905
CVE-2026-5892
CVE-2026-5882
CVE-2026-5912
CVE-2026-5885
CVE-2026-5911
CVE-2026-5877
CVE-2026-5908
CVE-2026-5898
CVE-2026-5913
CVE-2026-5894
CVE-2026-5903
CVE-2026-5909
CVE-2026-5870
CVE-2026-5868
CVE-2026-5866
CVE-2026-5897
CVE-2026-5889
CVE-2026-5886
CVE-2026-5861
CVE-2026-5862
CVE-2026-5864
CVE-2026-5907
CVE-2026-5896
CVE-2026-5858
CVE-2026-5863
CVE-2026-5865
CVE-2026-33118
CVE-2026-5871
CVE-2026-5859
CVE-2026-5869
CVE-2026-5914
Эксплуатация
Связанные продукты
Список CVE
- CVE-2026-5858 critical
- CVE-2026-5859 critical
- CVE-2026-5860 critical
- CVE-2026-5861 critical
- CVE-2026-5862 critical
- CVE-2026-5863 critical
- CVE-2026-5864 warning
- CVE-2026-5865 critical
- CVE-2026-5866 critical
- CVE-2026-5867 warning
- CVE-2026-5868 critical
- CVE-2026-5869 warning
- CVE-2026-5870 critical
- CVE-2026-5871 critical
- CVE-2026-5872 critical
- CVE-2026-5873 critical
- CVE-2026-5874 critical
- CVE-2026-5875 warning
- CVE-2026-5876 high
- CVE-2026-5877 critical
- CVE-2026-5878 warning
- CVE-2026-5879 critical
- CVE-2026-5880 warning
- CVE-2026-5881 high
- CVE-2026-5882 warning
- CVE-2026-5883 unknown
- CVE-2026-5884 critical
- CVE-2026-5885 high
- CVE-2026-5886 high
- CVE-2026-5887 warning
- CVE-2026-5888 high
- CVE-2026-5889 warning
- CVE-2026-5890 unknown
- CVE-2026-5891 warning
- CVE-2026-5892 high
- CVE-2026-5893 high
- CVE-2026-5894 warning
- CVE-2026-5895 high
- CVE-2026-5896 high
- CVE-2026-5897 warning
- CVE-2026-5898 warning
- CVE-2026-5899 high
- CVE-2026-5900 warning
- CVE-2026-5901 high
- CVE-2026-5902 critical
- CVE-2026-5903 high
- CVE-2026-5904 critical
- CVE-2026-5905 high
- CVE-2026-5906 warning
- CVE-2026-5907 critical
- CVE-2026-5908 critical
- CVE-2026-5909 critical
- CVE-2026-5910 critical
- CVE-2026-5911 warning
- CVE-2026-5912 critical
- CVE-2026-5913 critical
- CVE-2026-5914 critical
- CVE-2026-5915 critical
- CVE-2026-5918 warning
- CVE-2026-5919 high
- CVE-2026-33118 warning
- CVE-2026-33119 high
Список KB
Смотрите также
Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com
Нашли неточность в описании этой уязвимости? Дайте нам знать!