🟠 High | Source: Microsoft Security Response Center
A vulnerability (CVE-2026-13777) has been identified in the Chromium engine affecting input validation within the iOS web component. Because Microsoft Edge is built on Chromium, it inherits this flaw and is also affected. Google has issued a fix via Chrome, and Microsoft Edge will receive the patch through its regular Chromium ingestion process.
Security Architect’s Take: Ensure Microsoft Edge deployments across your organisation are updated to the latest version as soon as the patched Chromium build is ingested. If your environment uses managed browser policies via Intune or Group Policy, verify auto-update is enabled and consider pushing an expedited update cycle for endpoints where Edge is used to access sensitive cloud workloads.
Original advisory: Chromium: CVE-2026-13777 Insufficient validation of untrusted input in iOSWeb