🟠 High  |  Source: Microsoft Security Response Center


A vulnerability identified as CVE-2026-14153 has been found in the Glic component of Chromium, involving an inappropriate implementation flaw. Microsoft Edge, which is built on the Chromium engine, is affected and has received a patch via the upstream Chromium project. Organisations using Edge-based browsers in their environment should apply the latest update to mitigate potential exploitation.

Security Architect’s Take: Ensure Microsoft Edge is updated to the latest Chromium-based release across all managed endpoints and virtual desktop environments, particularly where users access cloud management consoles or sensitive web applications. Consider enforcing browser update policies via Intune or Group Policy to reduce the window of exposure.

Original advisory: Chromium: CVE-2026-14153 Inappropriate implementation in Glic