CVE-2026-58287
HighCVSS 8.3Exploitation Probability (EPSS)
Low risk36th percentile — higher than 36% of all known CVEs
Summary
A Use-After-Free vulnerability in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code remotely over a network. The issue stems from improper memory management when processing specially crafted network requests.
Risk Assessment
An attacker can remotely execute arbitrary code in the context of the browser, potentially leading to system compromise, data theft, or further privilege escalation within the organization's network.
Recommendation
Immediately update Microsoft Edge to the latest version available from the vendor. Implement policies to block unknown or suspicious network requests and restrict browser access to trusted users only.
Original NVD description (English source)
Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

