CVE Catalog

CVE-2026-57985

HighCVSS 7.6
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.42%

34th percentile — higher than 34% of all known CVEs

Summary

An improper input validation vulnerability in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. This could lead to remote code execution on the victim's system.

Risk Assessment

An attacker could gain full control of the user's system, enabling malware installation, data theft, or network disruption. The risk is high due to the remote, unauthenticated attack vector.

Recommendation

Immediately update Microsoft Edge to the latest version available from the official repository. Enabling automatic updates reduces the risk of exploitation.

Original NVD description (English source)

Improper input validation in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS