🟠 High  |  Source: Microsoft Security Response Center


A memory safety vulnerability (out of bounds write) has been identified in ANGLE, the graphics abstraction layer used by Chromium-based browsers including Microsoft Edge. The flaw was assigned and patched by Google Chrome, with Microsoft Edge inheriting the fix via its Chromium dependency. Out of bounds write vulnerabilities can potentially be exploited to execute arbitrary code on a victim’s machine.

Security Architect’s Take: Ensure Microsoft Edge and any Chromium-based browsers deployed across your organisation are updated to the latest version immediately. If you manage browser versions centrally via Intune, SCCM, or Group Policy, trigger an expedited update cycle and verify compliance, particularly for privileged users and developers with access to cloud management consoles.

Original advisory: Chromium: CVE-2026-14397 Out of bounds write in ANGLE