🟠 High | Source: Microsoft Security Response Center
CVE-2026-14428 is a vulnerability in Dawn, the open-source WebGPU implementation used by Chromium-based browsers, caused by insufficient validation of untrusted input. Microsoft Edge inherits this flaw through its Chromium dependency and has addressed it via an upstream patch from Google Chrome. Unpatched browsers could potentially be exploited through malicious web content to execute unintended actions at the GPU/rendering layer.
Security Architect’s Take: Ensure Microsoft Edge and any Chromium-based browsers deployed across your organisation are updated to the latest stable release. If you manage browser versions centrally via Intune, SCCM, or Group Policy, prioritise pushing this update — particularly for users accessing sensitive cloud management portals or internal web applications.
Original advisory: Chromium: CVE-2026-14428 Insufficient validation of untrusted input in Dawn