CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST — in English

CISA KEV catalog updated: (v2026.07.01)

CVE-2026-58424
High

A vulnerability in the workflow approval gate mechanism of the repository management system allows bypassing the approval gate for pull requests from permanent forks. An attacker can submit a pull request from a permanent fork without the required approval.

CVE-2026-58423
High

A vulnerability in the LFS (Large File Storage) system allows authentication bypass via a malformed SSH sub-verb. An attacker can gain unauthorized read access to private repositories.

CVE-2026-58299
High

A Time-of-check time-of-use (TOCTOU) race condition in Microsoft Edge for Android allows an unauthorized attacker to execute code over a network.

CVE-2026-58298
High

An XSS vulnerability in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network due to improper input neutralization during web page generation.

CVE-2026-58297
High

A vulnerability in Microsoft Edge for Android allows an unauthorized attacker to disclose private personal information over a network. The issue stems from improper protection of information against unauthorized access.

CVE-2026-58296
High

A vulnerability in Microsoft Edge for Android allows an unauthorized attacker to disclose private personal information over a network. The issue stems from improper access restrictions to sensitive data.

CVE-2026-58295
High

A type confusion vulnerability in Microsoft Edge (Chromium-based) allows an unauthorized attacker to bypass a security feature over a network.

CVE-2026-58294
High

A Use-After-Free vulnerability in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code remotely over a network.

CVE-2026-58293
High

A vulnerability in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network by controlling file names or paths. The issue stems from external control over file paths, potentially leading to privilege escalation.

CVE-2026-58292
High

An improper input validation vulnerability in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

CVE-2026-58290
High

A type confusion vulnerability in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code remotely over a network.

CVE-2026-58288
High

A Use-After-Free vulnerability in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code remotely over a network.

CVE-2026-58287
High

A Use-After-Free vulnerability in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code remotely over a network.

CVE-2026-58286
High

A vulnerability in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network. The issue stems from improper access control.

CVE-2026-58285
High

A type confusion vulnerability in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code remotely over a network.

CVE-2026-58284
High

An improper authorization vulnerability in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code remotely over a network.

CVE-2026-58283
High

A type confusion vulnerability in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.

CVE-2026-58282
High

An improper access control vulnerability was found in Microsoft Edge (Chromium-based). It allows an unauthorized attacker to perform network spoofing attacks.

CVE-2026-58276
High

A Use-After-Free vulnerability in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code remotely over a network.

CVE-2026-57993
High

A Server-Side Request Forgery (SSRF) vulnerability in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.

PreviousPage 2 of 3327Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS