Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
9.0
CVE-2026-58289: Microsoft Edge (Chromium-based) allows attackers to run code remotely
CVE-2026-58289
CVE-2026-58289
Summary
An attacker can use Microsoft Edge (Chromium-based) to execute unauthorized code on a network, potentially stealing sensitive information or taking control of a device. This affects users who use Microsoft Edge (Chromium-based) to access the internet. To protect yourself, update to the latest version of Microsoft Edge (Chromium-based) as soon as possible.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions |
|---|---|---|
| microsoft | microsoft edge (chromium-based) | < 150.0.4078.48 |
Original title
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
Original description
Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.
mitre CVSS3.1
9.0
Vulnerability type
CWE-843
Type Confusion
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-58289 vendor-advisory patch
Published: 3 Jul 2026 · Updated: 5 Jul 2026 · First seen: 3 Jul 2026