SECUI Corporation


	Korean

<< Back

VID	50438
Severity	40
Port	139,445
Protocol	TCP
Class	SMB
Detailed Description	The version of Microsoft Edge installed on the remote Windows host is prior to 148.0.3967.55. It is, therefore, affected by multiple vulnerabilities as referenced in the May 11, 2026 advisory. - Insufficient validation of untrusted input in Media in Google Chrome on Android prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) (CVE-2026-7905) - External control of file name or path in Microsoft Edge (Chromium-based) allows an unauthorized attacker to disclose information over a network. (CVE-2026-41107) - User interface (ui) misrepresentation of critical information in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network. (CVE-2026-40416, CVE-2026-42891) - Improper neutralization of special elements in output used by a downstream component ('injection') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to elevate privileges over a network.(CVE-2026-42838) - Use after free in Mobile in Google Chrome on iOS prior to 148.0.7778.96 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page.(Chromium security severity: Critical) (CVE-2026-7897) * References: https://learn.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security#may-11-2026 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-40416 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-41107 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42838 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42891 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7897 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7905 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7912 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7913 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7915 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7931 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7941 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7993 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8020 * Platforms Affected: Microsoft Edge versions prior to 148.0.3967.55 Microsoft Windows Any version
Recommendation	Upgrade to the latest version of Microsoft Edge at (148.0.3967.55 or later), as described in the Microsoft Security bulletin at https://learn.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security
Related URL	CVE-2026-40416,CVE-2026-41107,CVE-2026-42838,CVE-2026-42891,CVE-2026-7897,CVE-2026-7905,CVE-2026-7912,CVE-2026-7913,CVE-2026-7915 (CVE)
Related URL	(SecurityFocus)
Related URL	(ISS)