CVE Catalog

CVE-2026-55945

MediumCVSS 4.2
Published: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.15%

4th percentile — higher than 4% of all known CVEs

Summary

A race condition vulnerability has been discovered in Microsoft Edge (Chromium-based) due to improper synchronization of shared resources. This flaw allows an authorized attacker to disclose information locally.

Risk Assessment

The risk involves potential leakage of sensitive data by a local attacker with system access. This could lead to privacy breaches and loss of control over confidential information.

Recommendation

It is recommended to immediately update Microsoft Edge to the latest version that includes a fix for this vulnerability. Also, monitor security advisories from Microsoft.

Original NVD description (English source)

Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Edge (Chromium-based) allows an authorized attacker to disclose information locally.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS