CVE-2026-0102

Low CVSS: 3.1

Under specific conditions, a malicious webpage may trigger autofill population after two consecutive taps, potentially without clear or intentional user consent. This could result in disclosure of stored autofill data such as addresses, email, or phone number metadata.

Vendor

Microsoft

Product

Edge Chromium

CWE

CWE-359

Yayın Tarihi

2026-02-17 20:22:05

Güncelleme

2026-02-19 15:39:08

Source Identifier

secure@microsoft.com

KEV Date Added

Kategoriler

CWE-359 Edge Chromium LOW Microsoft 2026

Referanslar

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-0102

Benzer Kayıtlar

Critical

CVE-2026-33107

Server-side request forgery (ssrf) in Azure Databricks allows an unauthorized attacker to elevate privileges over a netw…

Critical

CVE-2026-33105

Improper authorization in Microsoft Azure Kubernetes Service allows an unauthorized attacker to elevate privileges over…

Critical

CVE-2026-32213

Improper authorization in Azure AI Foundry allows an unauthorized attacker to elevate privileges over a network.

Critical

CVE-2026-32211

Missing authentication for critical function in Azure MCP Server allows an unauthorized attacker to disclose information…

High

CVE-2026-32173

Improper authentication in Azure SRE Agent allows an unauthorized attacker to disclose information over a network.

Critical

CVE-2026-26135

Server-side request forgery (ssrf) in Azure Custom Locations Resource Provider (RP) allows an authorized attacker to ele…