Race condition in Microsoft Edge - CVE-2026-55945
Published: July 15, 2026
Microsoft Edge
Detailed vulnerability description
The vulnerability allows a local user to disclose sensitive information.
The vulnerability exists due to a race condition in Microsoft Edge (Chromium-based) when using shared resources with improper synchronization. A local user can trigger concurrent execution to disclose sensitive information.
Successful exploitation requires crafting deceptive or invisible form elements and the user performing two sequential taps. Disclosed information may include file content, and the impact may extend beyond the vulnerable component's security scope.