Primary

Context

Microsoft Edge Spoofing Vulnerability

Vulnerability

Patched

A spoofing vulnerability has been identified in Microsoft Edge (Chromium-based) version 148.0.3967.70. This vulnerability arises from the browser's tab-splitting feature, which only shows the domain prefix in the address bar instead of the full URL. This behavior can be exploited to create phishing attacks, making malicious websites appear legitimate by mimicking trusted domains.

Impact

Exploitation of this vulnerability could lead to phishing attacks, allowing attackers to make malicious websites appear as if they are from trusted sources.

Remediation

Users are advised to update to the latest version of Microsoft Edge. The security update for this vulnerability can be downloaded from the Microsoft Edge Security Update page.

Added: May 18, 2026, 6:21 PM

Updated: May 18, 2026, 6:21 PM

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

0.6

exploitability

4.2

remediation

7.7

relevance

8.7

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

0.6

exploitability

4.2

remediation

7.7

relevance

8.7

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Microsoft Edge Spoofing Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Microsoft Edge

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating