CVE-2026-56646
MediumCVSS 6.5Exploitation Probability (EPSS)
Low risk47th percentile — higher than 47% of all known CVEs
Summary
A vulnerability in Microsoft Edge (Chromium-based) allows an unauthorized attacker to disclose sensitive information. The attack can be performed remotely over a network, leading to spoofing.
Risk Assessment
The organization is at risk of phishing attacks and impersonation of trusted websites, potentially leading to credential theft or other sensitive data compromise.
Recommendation
Immediately update Microsoft Edge to the latest version provided by the vendor. Implement policies to block unknown or suspicious websites.
Original NVD description (English source)
Exposure of sensitive information to an unauthorized actor in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.

