🟠 High  |  Source: Microsoft Security Response Center


A vulnerability tracked as CVE-2026-14399 has been identified in Dawn, the open-source WebGPU implementation used by Chromium. The flaw involves uninitialized memory use, which can potentially be exploited to leak sensitive data or achieve code execution within the browser. Microsoft Edge, being Chromium-based, is affected and will receive a fix via its regular Chromium ingestion process.

Security Architect’s Take: Ensure Microsoft Edge deployments across your organisation are updated to the latest version as soon as Microsoft releases the patched Chromium-based build. If your environment uses browser-based access to Azure or other cloud consoles, prioritise this update to reduce the risk of in-browser exploitation targeting cloud sessions.

Original advisory: Chromium: CVE-2026-14399 Uninitialized Use in Dawn