CVE-2026-45494 MEDIUM

CVE-2026-45494: Microsoft Edge (Chromium-based) Spoofing Vulnerability

Vendor Microsoft
Product Microsoft Edge (Chromium-based)
Weakness CWE-79 · XSS
Published May 18, 2026
Last update June 9, 2026
View on NVD All CVEs

CVSS base score

5.4/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction Required
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C

What the vulnerability does

01Description

Microsoft Edge (Chromium-based) Spoofing Vulnerability

Key dates

02Disclosure timeline

May 18, 2026 CVE published
June 9, 2026 Record updated

Related vulnerabilities

04Related CVE

CVE-2023-48528 Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79) CVE-2023-31213 WordPress WPBakery Page Builder Plugin < 6.13.0 is vulnerable to Cross Site Scripting (XSS) CVE-2024-10117 WP Crowdfunding <= 2.1.11 - Authenticated (Contributor+) Stored Cross-Site Scripting via wpcf_donate Shortcode CVE-2025-46975 Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79) CVE-2024-50350 LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/app/Http/Controllers/Table/EditPortsController.php