CVE-2026-58293
HighCVSS 8.1Exploitation Probability (EPSS)
Low risk41th percentile — higher than 41% of all known CVEs
Summary
A vulnerability in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network by controlling file names or paths. The issue stems from external control over file paths, potentially leading to privilege escalation.
Risk Assessment
An attacker can remotely execute malicious code on the victim's machine, risking system compromise, data theft, or malware installation.
Recommendation
Immediately update Microsoft Edge to the latest version available from the official repository. Restrict access to unknown files and links, and enforce least-privilege policies.
Original NVD description (English source)
External control of file name or path in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

