Changeflow GovPing Vulnerability Alerts Microsoft Edge Vulnerability Poses Data Confide...
Priority review Notice Added Final

Microsoft Edge Vulnerability Poses Data Confidentiality Risk

Favicon for www.cert.ssi.gouv.fr CERT-FR Security Advisories
Published March 13th, 2026
Detected March 13th, 2026
Email

Summary

The French National Cybersecurity Agency (ANSSI) has issued a notice regarding a vulnerability in Microsoft Edge for Android and iOS. The vulnerability, identified as CVE-2026-26133, poses a risk of data confidentiality breaches. Users are advised to refer to Microsoft's security bulletin for patch information.

View original document View source feed page

What changed

The French National Cybersecurity Agency (ANSSI) has issued an advisory (CERTFR-2026-AVI-0293) detailing a vulnerability (CVE-2026-26133) discovered in Microsoft Edge for Android and iOS. This vulnerability can lead to a breach of data confidentiality. The advisory references Microsoft's security bulletin from March 12, 2026, for details on the affected versions (prior to 145.3800.99 for both platforms) and the necessary patches.

Technology companies and users of Microsoft Edge on mobile devices should immediately consult the provided Microsoft security bulletin and apply the available updates to mitigate the risk of data confidentiality compromise. Failure to patch the vulnerability could expose sensitive user data to unauthorized access by attackers. This advisory highlights the ongoing need for prompt software updates to address security flaws.

What to do next

  1. Apply security updates for Microsoft Edge on Android and iOS as per Microsoft's security bulletin.
  2. Review data handling procedures to ensure no sensitive data is exposed due to unpatched vulnerabilities.

Source document (simplified)

Premier Ministre S.G.D.S.N

Agence nationale
de la sécurité des
systèmes d'information

Paris, le 13 mars 2026 N° CERTFR-2026-AVI-0293 Affaire suivie par: CERT-FR

Avis du CERT-FR

Objet: Vulnérabilité dans Microsoft Edge

Gestion du document

| Référence | CERTFR-2026-AVI-0293 |
| Titre | Vulnérabilité dans Microsoft Edge |
| Date de la première version | 13 mars 2026 |
| Date de la dernière version | 13 mars 2026 |
| Source(s) | Bulletin de sécurité Microsoft Edge CVE-2026-26133 du 12 mars 2026 |
Une gestion de version détaillée se trouve à la fin de ce document.

Risque

  • Atteinte à la confidentialité des données

Systèmes affectés

  • Microsoft Edge pour Android versions antérieures à 145.3800.99
  • Microsoft Edge pour iOS versions antérieures à 145.3800.99

Résumé

Une vulnérabilité a été découverte dans Microsoft Edge. Elle permet à un attaquant de provoquer une atteinte à la confidentialité des données.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Documentation

Gestion détaillée du document

  1. le 13 mars 2026 Version initiale

Related changes

Favicon for www.gov.uk Export Licence Transmission Issue Resolved
Routine Mar 14, 2026 ECJU Notices to Exporters Trade & Export
Favicon for www.gov.uk Humanitarian Assistance Exception Notification for Petroleum Products
Priority review Mar 13, 2026 OFSI All Publications Trade & Export
Favicon for www.apra.gov.au APRA Releases Quarterly ADI Statistics for December 2025
Routine Mar 13, 2026 news-and-publications Government
Favicon for www.cisa.gov CISA Adds Two Exploited Vulnerabilities to KEV Catalog
Priority review Mar 13, 2026 CISA ICS-CERT Advisories Government
Favicon for www.cisa.gov CISA: Ignition Software Vulnerable to Code Execution
Priority review Mar 13, 2026 CISA ICS-CERT Advisories Government
Favicon for www.gao.gov GAO Report on DOD Cybersecurity Maturity Model Certification Program
Priority review Mar 13, 2026 GAO Reports & Testimonies Government Accountability

Source

Favicon for www.cert.ssi.gouv.fr
CERT-FR Security Advisories cert.ssi.gouv.fr/avis
Vulnerability Alerts
Analysis generated by AI. Source diff and links are from the original.

Classification

Agency
Various
Published
March 13th, 2026
Instrument
Notice
Legal weight
Non-binding
Stage
Final
Change scope
Substantive

Who this affects

Applies to
Technology companies
Geographic scope
INT

Taxonomy

Primary area
Cybersecurity
Operational domain
IT Security
Topics
Data Privacy Software Security

Browse Categories

Federal Courts 26 State Courts 91 Securities Regulation 6 Financial Regulation 43 Consumer Protection 5 Drug Safety 45 Data Protection 21 Competition 2 Attorneys General 3 Insurance Regulation 5 Trade & Export 36 Legislation 42 Energy Regulation 13 Environment 3 Labor & Employment 2 Tax 1

Get Vulnerability Alerts alerts

Weekly digest. AI-summarized, no noise.

Free. Unsubscribe anytime.

Get alerts for this source

We'll email you when CERT-FR Security Advisories publishes new changes.

Free. Unsubscribe anytime.