CVE Catalog

CVE-2026-45489

MediumCVSS 6.5
Published: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.53%

41th percentile — higher than 41% of all known CVEs

Summary

A spoofing vulnerability in Microsoft Edge (Chromium-based) allows an attacker to manipulate the user interface, such as the address bar. This could trick users into believing they are on a legitimate website while actually visiting a malicious one.

Risk Assessment

The risk involves potential phishing or social engineering attacks where users may be deceived into entering credentials or sensitive data on a fake site. This could result in data breaches or account compromise.

Recommendation

Immediately update Microsoft Edge to the latest version provided by the vendor. Additionally, educate users about the dangers of clicking on untrusted links.

Original NVD description (English source)

Microsoft Edge (Chromium-based) Spoofing Vulnerability

Vulnerability data from NVD (NIST) · CISA KEV · EPSS