External risk intelligence

Microsoft Edge allows attackers to take control of systems.

CVE advisorySeverity: CRITICAL (CVSS 9.8)

CVE-2026-45495

A critical flaw in Microsoft Edge allows attackers to take control of systems over the internet without any user action, making immediate updates essential for your security.

5Halo Surface Signal

Code Injection

Microsoft Edge Chromium

before 148.0.3967.70

External exposure likelihood

Halo Surface Signal score for CVE-2026-45495

Microsoft Edge is a web browser inherently designed to actively retrieve and execute content from the public internet, ensuring that its attack surface is exposed to untrusted external sites during standard, everyday operation.

PCI scan relevance

PCI Relevance for CVE-2026-45495

Yes

CVE-2026-45495 — Halo PCI Relevance: Yes. Under typical PCI ASV external scan criteria, this issue may be flagged for scan prioritization.

This critical remote code execution vulnerability in Microsoft Edge (Chromium-based) could lead to a PCI scan failure due to its potential impact on system security.

Scan-prioritization guidance only—not a PCI DSS certification or ASV attestation.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Horizon Alert

Summary of the vulnerability and why it matters

This critical vulnerability in Microsoft Edge (Chromium-based) allows for remote code execution without user interaction, meaning an attacker could potentially take control of a user's system simply by having them visit a malicious website. This should be a top priority for all organizations using this browser.

  • Attackers can execute code remotely.
  • No user interaction is needed.
  • Affects users browsing the internet.

Attack Path

How an attacker could exploit the issue

An attacker can exploit this vulnerability by tricking a user into visiting a malicious website using an affected version of Microsoft Edge. Successful exploitation would allow the attacker to execute arbitrary code on the victim's machine with the user's privileges.

  • Network access required.
  • Target is the Edge browser.
  • User must visit a malicious site.

Live Threat

Current exploitation, exposure, and threat context

This vulnerability in Microsoft Edge (Chromium-based) presents a significant risk due to its network-exploitable nature, allowing remote code execution without user interaction. Given the critical severity and lack of required privileges, it's a prime target for attackers seeking widespread compromise. The widespread use of Edge further amplifies its attractiveness for exploitation campaigns.

  • No exploit available publicly.
  • No indication of active exploitation in the wild.
  • Recently disclosed vulnerability.

Priority actions

Operational Fix

Recommended remediation, mitigation, and detection steps

Prioritize patching Microsoft Edge (Chromium-based) immediately, as this critical vulnerability has a high impact and is accessible over the network. If patching is delayed, isolate affected systems to prevent potential remote code execution.

  • Apply Edge version 148.0.3967.70 or later.
  • Implement network segmentation for unpatched systems.
  • Monitor for indicators of compromise.

Frequently asked questions

What is Microsoft Edge (Chromium-based) and its primary function?

Microsoft Edge (Chromium-based) is a web browser designed for internet navigation. It enables users to access websites, online services, and cloud-based applications, serving as a primary tool for daily internet use.

What type of weakness does CVE-2026-45495 exhibit and what can it lead to?

CVE-2026-45495 relates to input validation weaknesses (CWE-20) and improper neutralization of special elements, which could allow for remote code execution (CWE-94). This indicates that the software may not handle certain inputs correctly, creating an exploitable path.

How can CVE-2026-45495 be triggered, and what is the scope of its impact?

Exploitation requires an attacker to draw a user into visiting a malicious website with an affected Edge version. Successful exploitation allows arbitrary code execution on the victim's machine, operating within the user's existing privileges.

What is the relevance of CVE-2026-45495, considering Halo Surface Signal?

CVE-2026-45495 is highly relevant as a critical, network-exploitable vulnerability allowing remote code execution without user interaction. Its widespread use makes Edge a prime target for exploitation, especially given its direct internet exposure.

What immediate actions should be taken to address this vulnerability?

Organizations should prioritize applying Microsoft Edge version 148.0.3967.70 or later. If immediate patching is not feasible, isolating affected systems is recommended to mitigate remote code execution risks.

References

Sources and related resources

Primary sources: NVD, CVE.org.

NVDPublished Modified