CVE-2026-45495
EUVD-2026-3078518.05.2026, 18:17
Microsoft Edge (Chromium-based) Remote Code Execution VulnerabilityEnginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| microsoft | edge_chromium | 𝑥 < 148.0.3967.70 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-35 - Path Traversal: '.../...//'The software uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize '.../...//' (doubled triple dot slash) sequences that can resolve to a location that is outside of that directory.
- CWE-20 - Improper Input ValidationThe product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.