Impact
This vulnerability arises from a type‑confusion flaw that lets an attacker access a resource using an incompatible data type. The flaw enables an unauthorized user to execute arbitrary code on the affected system across a network, thereby granting full compromise of the victim machine.
Affected Systems
The affected product is Microsoft Edge (Chromium‑based). No specific version range was supplied in the advisory, so all builds of the Chromium‑based Edge that have not yet been patched may be impacted.
Risk and Exploitability
The CVSS score of 7.5 marks this as a high severity vulnerability. The EPSS score is not available, and the CVE is not listed in the CISA KEV catalog, so the precise likelihood of exploitation remains uncertain. The description implies a remote attack path via the network, suggesting that a threat actor can deliver malicious content to a user’s browser to trigger the type‑confusion and gain code execution.
OpenCVE Enrichment