PatchSiren cyber security CVE debrief
CVE-2026-58522 Microsoft CVE debrief
CVE-2026-58522 is a relative path traversal vulnerability in Microsoft Edge for Android. An unauthorized attacker could exploit this to disclose information locally. The vulnerability has a CVSS score of 6.8 and a severity of MEDIUM. The CVE record was published on 2026-07-03T21:17:05.883Z and has not been modified since then. The NVD entry is currently Analyzed. Users of Microsoft Edge for Android should apply updates to prevent local information disclosure.
- Vendor
- Microsoft
- Product
- Microsoft Edge (Chromium-based)
- CVSS
- MEDIUM 6.8
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-07-03
- Original CVE updated
- 2026-07-07
- Advisory published
- 2026-07-03
- Advisory updated
- 2026-07-07
Who should care
Users of Microsoft Edge for Android, security teams, and operators should be aware of this vulnerability and apply updates to prevent local information disclosure. The vulnerability has a CVSS score of 6.8 and a severity of MEDIUM.
Technical summary
CVE-2026-58522 is a relative path traversal vulnerability in Microsoft Edge for Android. An unauthorized attacker could exploit this to disclose information locally. The vulnerability has a CVSS score of 6.8 and a severity of MEDIUM. The vulnerability affects Microsoft Edge for Android, and users should apply updates to prevent local information disclosure.
Defensive priority
Apply updates to Microsoft Edge for Android to prevent local information disclosure. Review the supplied official advisory or CVE record to validate affected scope, severity, and vendor guidance.
Recommended defensive actions
- Apply updates to Microsoft Edge for Android
- Monitor for unusual activity
- Restrict access to sensitive data
- Review compensating controls for exposed systems while remediation is scheduled and verified
- Check relevant monitoring, detection, and logs for exposed assets that need extra review
Evidence notes
The CVE record was published on 2026-07-03T21:17:05.883Z and has not been modified since then. The NVD entry is currently Analyzed. There is limited information available about the vulnerability, and defenders should verify the affected scope and severity with the vendor. The vulnerability has a CVSS score of 6.8 and a severity of MEDIUM. Users should be cautious of potential local information disclosure.
Official resources
-
CVE-2026-58522 CVE record
CVE.org
-
CVE-2026-58522 NVD detail
NVD
-
Source item URL
nvd_modified
-
Mitigation or vendor reference
[email protected] - Vendor Advisory
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-03T21:17:05.883Z and has not been modified since then.