CVE-2026-33119EXPLOITEDPATCHED

microsoft · edge

Microsoft Edge (Chromium-based) for Android Spoofing Vulnerability

Description

User interface (ui) misrepresentation of critical information in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.

Affected Products

Vendor	Product	Versions
microsoft	edge	1.0.0

Also Affects

Downstream vendors/products affected by this vulnerability

Vendor	Product	Source	Confidence
microsoft	edge	cert_advisory	90%

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33119(vendor-advisory, patch)

Related News (4 articles)

Tier B

BSI Advisories1d ago

[NEU] [mittel] Microsoft Edge: Mehrere Schwachstellen

→ No new info (linked only)

Tier B

CERT-FR1d ago

Multiples vulnérabilités dans Microsoft Edge (13 avril 2026)

→ No new info (linked only)

Tier C

VulDB3d ago

CVE-2026-33119 | Microsoft Edge up to 146.0.3856.84 on Android clickjacking

→ No new info (linked only)

Tier A

Microsoft MSRC4d ago

CVE-2026-33119 Microsoft Edge (Chromium-based) for Android Spoofing Vulnerability

→ No new info (linked only)

CVSS 3.15.4 MEDIUM

VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C

CISA KEV❌ No

Actively exploited✅ Yes

Patch available

147.0.3912.60

CWECWE-451

PublishedApr 10, 2026

Last enriched3d agov2

Trending Score53

Source articles4

Independent4

Info Completeness9/14

Missing: epss, kev, exploit, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

MEDIUMCVE-2026-33118EXP

Microsoft Edge (Chromium-based) Spoofing Vulnerability

Trending: 53

HIGHCVE-2026-21513EXPKEV

MSHTML Framework Security Feature Bypass Vulnerability

Trending: 49

HIGHCVE-2026-21509EXPKEV

Reliance on untrusted inputs in a security decision in Microsoft Office allows an unauthorized attacker to bypass a security feature locally.

Trending: 40

CRITICALCVE-2026-32211EXP

Azure MCP Server Information Disclosure Vulnerability

Trending: 27

CRITICALCVE-2026-32213EXP

Azure AI Foundry Elevation of Privilege Vulnerability

Trending: 27

Pin to Dashboard

Verification

State: unverified

Confidence: 0%

Vulnerability Timeline

CVE Published

Apr 10, 2026

Discovered by ZDM

Apr 10, 2026

Updated: affectedVersions, severity, activelyExploited

Apr 10, 2026

Actively Exploited

Apr 13, 2026

Patch Available

Apr 13, 2026

Version History

Last enriched 3d ago

v2Tier C3d ago

Updated affected versions to include 146.0.3856.84, changed severity to HIGH, and noted that no exploit is available.

affectedVersionsseverityactivelyExploited

via VulDB

v13d ago

Initial creation