CVE Catalog

CVE-2026-58299

HighCVSS 7.5
Published: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.28%

19th percentile — higher than 19% of all known CVEs

Summary

A Time-of-check time-of-use (TOCTOU) race condition in Microsoft Edge for Android allows an unauthorized attacker to execute code over a network.

Risk Assessment

An attacker could exploit this vulnerability to take control of the browser and execute malicious code, potentially leading to data theft or further device compromise.

Recommendation

It is recommended to immediately update Microsoft Edge for Android to the latest available version that includes a fix for this vulnerability.

Original NVD description (English source)

Time-of-check time-of-use (toctou) race condition in Microsoft Edge for Android allows an unauthorized attacker to execute code over a network.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS