Microsoft Edge Vulnerabilities Enable Remote Code Execution

Microsoft Edge Vulnerabilities Enable Remote Code Execution

First seen 17 Mar 2026, 04:36 UTC Hkcert 91% similarity 75.0

Article Content

Browse articles
ThreatCluster

Multiple vulnerabilities have been identified in Microsoft Edge, with CVE-2026-3910 and CVE-2026-3909 both being exploited in the wild. These vulnerabilities allow remote attackers to execute arbitrary code, bypass security restrictions, and manipulate data via crafted HTML pages. The risk level for both vulnerabilities is rated as Extremely High Risk. Users of Microsoft Edge are urged to apply the fixes issued by the vendor immediately. The vulnerabilities were published on 2026-03-12 and added to the CISA KEV list for active exploitation on 2026-03-13. Attackers can leverage these flaws to significantly compromise affected systems. Security professionals should prioritize patching to mitigate the risks associated with these vulnerabilities.

Key Points: • CVE-2026-3910 and CVE-2026-3909 are actively exploited vulnerabilities in Microsoft Edge. • Both vulnerabilities allow remote code execution and are rated as Extremely High Risk. • Users are advised to apply vendor-issued fixes immediately to protect their systems.

ThreatCluster AI

Timeline

2026-03-12
CVE-2026-3910 and CVE-2026-3909 published
2026-03-13
CVE-2026-3910 and CVE-2026-3909 added to CISA KEV for active exploitation
2026-03-16
First article published detailing vulnerabilities
2026-03-17
Second article published with additional details

Community

Browse all →