VDB
TNCVE-2026-42838
TNCVE-2026-42838
PUBLISHED
Improper neutralization of special elements in output used by a downstream component ('injection') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to elevate privileges over a network.
Timeline
- May 12, 2026 CVE Published
References
- Tenable: CVE-2026-42838 advisory