Chromium: CVE-2026-3920 Out of bounds memory access in WebML
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2021) for more information.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3920
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2021) for more information.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3920
Chromium: CVE-2026-3921 Use after free in TextEncoding
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2021) for more information.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3921
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2021) for more information.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3921
Chromium: CVE-2026-3922 Use after free in MediaStream
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2021) for more information.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3922
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2021) for more information.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3922
Chromium: CVE-2026-3923 Use after free in WebMIDI
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2021) for more information.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3923
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2021) for more information.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3923
Chromium: CVE-2026-3924 Use after free in WindowDialog
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2021) for more information.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3924
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2021) for more information.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3924
Chromium: CVE-2026-3926 Out of bounds read in V8
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2021) for more information.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3926
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2021) for more information.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3926
Chromium: CVE-2026-3927 Incorrect security UI in PictureInPicture
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2021) for more information.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3927
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2021) for more information.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3927
Chromium: CVE-2026-3928 Insufficient policy enforcement in Extensions
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2021) for more information.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3928
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2021) for more information.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3928
Chromium: CVE-2026-3929 Side-channel information leakage in ResourceTiming
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2021) for more information.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3929
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2021) for more information.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3929
Chromium: CVE-2026-3936 Use after free in WebView
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2021) for more information.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3936
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2021) for more information.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3936
Chromium: CVE-2026-3915 Heap buffer overflow in WebML
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2021) for more information.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3915
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2021) for more information.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3915
Chromium: CVE-2026-3925 Incorrect security UI in LookalikeChecks
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2021) for more information.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3925
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2021) for more information.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3925
Chromium: CVE-2026-3910 Inappropriate implementation in V8
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2021) for more information.Google is aware that an exploit for CVE-2026-3910 exists in the wild.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3910
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2021) for more information.Google is aware that an exploit for CVE-2026-3910 exists in the wild.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3910
CVE-2025-58160 Tracing logging user input may result in poisoning logs with ANSI escape sequences
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-58160
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-58160
CVE-2026-27171 zlib before 1.3.2 allows CPU consumption via crc32_combine64 and crc32_combine_gen64 because x2nmodp can do right shifts within a loop that has no termination condition.
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-27171
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-27171
CVE-2026-27141 Sending certain HTTP/2 frames can cause a server to panic in golang.org/x/net
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-27141
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-27141
CVE-2026-27138 Panic in name constraint checking for malformed certificates in crypto/x509
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-27138
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-27138
CVE-2026-27137 Incorrect enforcement of email constraints in crypto/x509
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-27137
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-27137
CVE-2026-3494 MariaDB Server Audit Plugin Comment Handling Bypass
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3494
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3494
CVE-2026-3381 Compress::Raw::Zlib versions through 2.219 for Perl use potentially insecure versions of zlib
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3381
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3381
CVE-2026-31802 node-tar Symlink Path Traversal via Drive-Relative Linkpath
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-31802
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-31802