You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve 2026 3929
About this tag
CVE-2026-3929 is a medium-severity side-channel information leak vulnerability in the ResourceTiming API, affecting Chromium-based browsers including Microsoft Edge. The flaw allows an attacker to infer sensitive information through timing measurements, but does not enable remote code execution or direct system compromise. Google addressed the issue in a March 2026 Chromium security update, and Microsoft Edge inherited the fix through its upstream Chromium ingestion process. Edge users are protected once Microsoft applies the corrected code path. This tag covers discussions about the vulnerability's impact, the fix mechanism, and the relationship between Chromium and Edge security updates.
The latest Chromium security update touching Microsoft Edge highlights a familiar but often underappreciated class of browser flaw: not a crash, not a straightforward remote code execution bug, but a side-channel information leak in ResourceTiming. Google’s Chrome release notes for March 2026...