🟠 High | Source: Microsoft Security Response Center
A use-after-free vulnerability in the GPU component of Chromium (CVE-2026-15900) has been identified and patched by Google. Microsoft Edge, which is built on Chromium, inherits this fix. Use-after-free flaws can allow attackers to execute arbitrary code by manipulating freed memory, potentially compromising the affected browser and the underlying system.
Security Architect’s Take: Ensure Microsoft Edge is updated to the latest stable release across all managed endpoints and virtual desktop environments, including Azure Virtual Desktop deployments. Prioritise this in environments where users access sensitive cloud management portals via Edge.
Original advisory: Chromium: CVE-2026-15900 Use after free in GPU