CVE Catalog

CVE-2026-45488

MediumCVSS 5.4
Published: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.30%

22th percentile — higher than 22% of all known CVEs

Summary

A vulnerability in Microsoft Edge (Chromium-based) allows an attacker to spoof the user interface, potentially leading to network-based fraud. The flaw is due to misrepresentation of critical information in the UI.

Risk Assessment

An attacker can exploit this vulnerability to perform spoofing attacks, impersonating trusted websites or services, which may result in theft of credentials or other sensitive data.

Recommendation

It is recommended to immediately update Microsoft Edge to the latest version provided by the vendor. Users should also be advised about the risks of clicking on suspicious links.

Original NVD description (English source)

User interface (ui) misrepresentation of critical information in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS