CVE Catalog
CVE-2026-57977
HighCVSS 7.1Exploitation Probability (EPSS)
Low risk0.41%
33th percentile — higher than 33% of all known CVEs
Summary
An XSS vulnerability in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network due to improper input neutralization during web page generation.
Risk Assessment
An attacker could exploit this flaw to display fake content in a trusted domain, potentially leading to credential theft or malware distribution.
Recommendation
Immediately update Microsoft Edge to the latest available version that includes a fix for this vulnerability.
Original NVD description (English source)
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.

