🟠 High | Source: Microsoft Security Response Center
A use-after-free vulnerability (CVE-2026-13027) has been identified in the Chromium FileSystem component, affecting Microsoft Edge and other Chromium-based browsers. Use-after-free flaws occur when a programme continues to reference memory after it has been freed, potentially allowing an attacker to execute arbitrary code. This vulnerability was originally assigned by Google Chrome and Microsoft Edge is affected due to its Chromium dependency.
Security Architect’s Take: Ensure Microsoft Edge is updated to the latest stable release across all managed endpoints and browser fleet policies; use Intune or equivalent endpoint management tooling to enforce the update and verify compliance, paying particular attention to any cloud workstations or developer machines with elevated access to Azure environments.
Original advisory: Chromium: CVE-2026-13027 Use after free in FileSystem