CVE Catalog

CVE-2026-56646

MediumCVSS 6.5
Published: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.67%

47th percentile — higher than 47% of all known CVEs

Summary

A vulnerability in Microsoft Edge (Chromium-based) allows an unauthorized attacker to disclose sensitive information. The attack can be performed remotely over a network, leading to spoofing.

Risk Assessment

The organization is at risk of phishing attacks and impersonation of trusted websites, potentially leading to credential theft or other sensitive data compromise.

Recommendation

Immediately update Microsoft Edge to the latest version provided by the vendor. Implement policies to block unknown or suspicious websites.

Original NVD description (English source)

Exposure of sensitive information to an unauthorized actor in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS