🟠 High | Source: Microsoft Security Response Center
A use-after-free vulnerability (CVE-2026-12008) has been identified in the Chromium DigitalCredentials component, affecting Microsoft Edge due to its Chromium-based architecture. Use-after-free flaws occur when a programme continues to reference memory after it has been freed, potentially allowing an attacker to execute arbitrary code. This is particularly relevant in browser-based environments where users access cloud management portals and sensitive web applications.
Security Architect’s Take: Ensure Microsoft Edge is updated to the latest stable release as soon as Microsoft publishes a patched build ingesting the fixed Chromium version; consider enforcing browser version compliance via Intune or Group Policy to reduce exposure across managed endpoints accessing Azure portals and cloud consoles.
Original advisory: Chromium: CVE-2026-12008 Use after free DigitalCredentials