CVE-2026-33119EXPLOITEDPATCHED

microsoft · edge

Microsoft Edge (Chromium-based) for Android Spoofing Vulnerability

Description

User interface (ui) misrepresentation of critical information in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.

Affected Products

Vendor	Product	Versions
microsoft	edge	1.0.0

Also Affects

Downstream vendors/products affected by this vulnerability

Vendor	Product	Source	Confidence
microsoft	edge	cert_advisory	90%

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33119(vendor-advisory, patch)

Related News (4 articles)

Tier B

BSI Advisories1d ago

[NEU] [mittel] Microsoft Edge: Mehrere Schwachstellen

→ No new info (linked only)

Tier B

CERT-FR1d ago

Multiples vulnérabilités dans Microsoft Edge (13 avril 2026)

→ No new info (linked only)

Tier C

VulDB3d ago

CVE-2026-33119 | Microsoft Edge up to 146.0.3856.84 on Android clickjacking

→ No new info (linked only)

Tier A

Microsoft MSRC4d ago

CVE-2026-33119 Microsoft Edge (Chromium-based) for Android Spoofing Vulnerability

→ No new info (linked only)

CVSS 3.15.4 MEDIUM

VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C

CISA KEV❌ No

Actively exploited✅ Yes

Patch available

147.0.3912.60

CWECWE-451

PublishedApr 10, 2026

Last enriched3d agov2

Trending Score51

Source articles4

Independent4

Info Completeness9/14

Missing: epss, kev, exploit, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

CRITICALCVE-2026-32201EXPKEV

Microsoft SharePoint Server Spoofing Vulnerability

Trending: 143

HIGHCVE-2026-26171EXP

.NET Denial of Service Vulnerability

Trending: 71

HIGHCVE-2026-26154EXP

Windows Server Update Service (WSUS) Tampering Vulnerability

Trending: 68

HIGHCVE-2026-32093EXP

Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability

Trending: 63

HIGHCVE-2026-32090EXP

Windows Speech Brokered Api Elevation of Privilege Vulnerability

Trending: 63

Pin to Dashboard

Verification

State: unverified

Confidence: 0%

Vulnerability Timeline

CVE Published

Apr 10, 2026

Discovered by ZDM

Apr 10, 2026

Updated: affectedVersions, severity, activelyExploited

Apr 10, 2026

Actively Exploited

Apr 14, 2026

Patch Available

Apr 14, 2026

Version History

Last enriched 3d ago

v2Tier C3d ago

Updated affected versions to include 146.0.3856.84, changed severity to HIGH, and noted that no exploit is available.

affectedVersionsseverityactivelyExploited

via VulDB

v13d ago

Initial creation