CVE Catalog

CVE-2026-56645

HighCVSS 8.8
Published: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.57%

43th percentile — higher than 43% of all known CVEs

Summary

Heap-based buffer overflow in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code remotely over a network.

Risk Assessment

An attacker can remotely execute arbitrary code in the browser context, leading to system compromise, data theft, or lateral movement within the network.

Recommendation

Immediately update Microsoft Edge to the latest version available from the official vendor repository. Enforce a policy blocking unknown scripts and restrict access to untrusted websites.

Original NVD description (English source)

Heap-based buffer overflow in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS