A use-after-free vulnerability (CVE-2026-11638) has been identified in the Printing component of Chromium, the open-source browser engine underpinning Microsoft Edge. Use-after-free flaws occur when a programme continues to reference memory after it has been freed, potentially allowing an attacker to execute arbitrary code. This vulnerability affects Microsoft Edge (Chromium-based) and has been addressed upstream by Google Chrome.

Security Architect’s Take: Ensure Microsoft Edge is updated to the latest patched version across all managed endpoints and virtual desktop environments — pay particular attention to Azure Virtual Desktop and any browser-based access solutions. Consider enforcing browser version compliance via Intune or equivalent MDM policy to reduce exposure windows.

Original advisory: Chromium: CVE-2026-11638 Use after free in Printing