Path traversal in Microsoft Edge - CVE-2026-57988
Published: July 15, 2026
Microsoft Edge
Detailed vulnerability description
The vulnerability allows a remote attacker to execute code.
The vulnerability exists due to path traversal in Microsoft Edge (Chromium-based) when processing a specially crafted webpage or file. A remote attacker can host specially crafted content and convince a user to open it to execute code.
User interaction is required to visit the attacker-controlled webpage and perform the gestures that activate autofill, or to open a specially crafted file.