CVE-2026-45492

Improper input validation in Microsoft Edge (Chromium-based) allows an unauthorized attacker to bypass a security feature over a network.

CVSS v3 5.4 MEDIUM

5.4^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 2.5

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45492	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:-:*:*:*

History

19 May 2026, 15:03

Type	Values Removed	Values Added
CPE		cpe:2.3:a:microsoft:edge_chromium:::::-:::*
References	~~() https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45492 -~~	() https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45492 - Vendor Advisory
CWE		NVD-CWE-noinfo
First Time		Microsoft Microsoft edge Chromium

18 May 2026, 18:17

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-05-18 18:17

Updated : 2026-05-19 15:03

NVD link : CVE-2026-45492

Mitre link : CVE-2026-45492

CVE.ORG link : CVE-2026-45492

JSON object : View

Products Affected

microsoft

edge_chromium

CWE

CWE-20

Improper Input Validation

NVD-CWE-noinfo

5.4 /10