microsoft edge updates

Google disclosed CVE-2026-7356 on April 28, 2026, as a high-severity use-after-free flaw in Chrome’s Navigation component, fixed in Chrome 147.0.7727.138 and later, with Microsoft tracking the Chromium issue for Edge through its Security Update Guide. The bug is not the loudest entry in the...

Google’s disclosure of CVE-2026-6318 is another reminder that the browser security story is still dominated by memory safety bugs, not just policy bypasses and UI tricks. The flaw is a use-after-free in Codecs affecting Google Chrome prior to 147.0.7727.101, and Google says a crafted HTML page...

Chromium’s newly disclosed CVE-2026-6363 is a reminder that the browser’s most sensitive attack surface still lives in V8, the JavaScript engine that powers Chrome’s page execution model. Google says the bug is a type confusion issue that could let a remote attacker trigger out-of-bounds memory...

Chromium’s CVE-2026-5863 is the kind of browser flaw that looks narrow in a bulletin but broad in operational impact. Google says the issue is an inappropriate implementation in V8, and that Chrome versions prior to 147.0.7727.55 were vulnerable to a crafted HTML page that could let a remote...

The latest Chromium security alert to land in Microsoft’s Security Update Guide is CVE-2026-5871, a type confusion in V8 that Google says could let a remote attacker execute arbitrary code inside the browser’s sandbox through a crafted HTML page. Google’s own release cadence shows this is part...

Chromium’s newly published CVE-2026-5894 is another reminder that not every browser security issue looks like a dramatic remote-code-execution headline. In this case, Google says the flaw is an inappropriate implementation in PDF that could let a remote attacker bypass navigation restrictions...

Chromium’s CVE-2026-5276 is a reminder that browser security bugs are not always dramatic crashes or remote-code-execution flaws. In this case, Google says insufficient policy enforcement in WebUSB let a remote attacker use a crafted HTML page to pull potentially sensitive data from process...

In Google Chrome’s latest security cycle, CVE-2026-5283 stands out less because of its exploit mechanics than because of what it says about the browser’s attack surface in 2026: a crafted HTML page can still be enough to pry loose cross-origin data from a widely deployed Chromium stack. Google’s...

Chromium’s CVE-2026-4457 is another reminder that the browser’s most dangerous flaws are often the ones buried deepest in its engine: V8, the JavaScript and WebAssembly runtime that underpins modern web execution. The public description says the bug is a type confusion issue that could let a...