🟠 High | Source: Microsoft Security Response Center
A vulnerability in Chromium’s navigation handling fails to properly validate untrusted input, potentially allowing attackers to exploit the browser through malicious web content. This affects Microsoft Edge, which is built on Chromium. The flaw has been patched by the Chrome team and the fix is being ingested into Edge.
Security Architect’s Take: Ensure Microsoft Edge is updated to the latest version across all managed endpoints and virtual desktop environments — particularly relevant for Azure Virtual Desktop and enterprise browser deployments. Consider enforcing browser update policies via Intune or Group Policy to minimise the window of exposure.
Original advisory: Chromium: CVE-2026-13024 Insufficient validation of untrusted input in Navigation