Microsoft Edge Exposes Saved Passwords in Cleartext Memory at Launch

Severity: Medium (Score: 48.9)

Sources: Cybersecuritynews, Gbhackers

Summary

A security researcher revealed that Microsoft Edge decrypts all saved passwords into process memory in cleartext immediately upon launch. This behavior occurs regardless of whether the user visits any of the associated websites. The discovery was made public on April 29, 2026, by PaloAltoNtwks Norway during the BigBiteOfTech conference. Microsoft has stated that this insecure practice is by design, raising concerns among security professionals. The implications of this flaw could affect millions of users who rely on Edge for password management. The exact number of affected users remains unspecified, but the potential for exploitation is significant. This vulnerability does not have a CVE assigned yet, and no active exploitation has been reported. The situation is currently under scrutiny as users and experts await further updates from Microsoft.

Key Points:

  • Microsoft Edge stores all saved passwords in cleartext memory at startup.
  • This behavior is reportedly by design, according to Microsoft.
  • No CVE has been assigned, and active exploitation has not been confirmed.

Key Entities

  • CWE-200 - Exposure of Sensitive Information (cwe)
  • T1003 - OS Credential Dumping (mitre_attack)
  • Microsoft Edge (platform)