Microsoft Edge (Chromium) < 148.0.3967.70 多个漏洞

critical Nessus 插件 ID 315006

简介

远程主机上安装的网页浏览器受到多个漏洞的影响。

描述

远程 Windows 主机上安装的 Microsoft Edge 版本低于 148.0.3967.70。因此,该应用程序受到 2026 年 5 月 15 日公告中提及的多个漏洞影响。

- Microsoft Edge(基于 Chromium)远程代码执行漏洞 (CVE-2026-45495)

- Microsoft Edge(基于 Chromium)中的不当输入验证漏洞允许未经授权的攻击者通过网络绕过安全功能。(CVE-2026-45492)

- Microsoft Edge(基于 Chromium)欺骗漏洞 (CVE-2026-45494)

- Google Chrome 148.0.7778.168 之前版本的 WebML 中存在堆缓冲区溢出漏洞,远程攻击者可利用此漏洞,通过构建的 HTML 页面在沙盒中执行任意代码。(Chromium 安全严重性:危急)(CVE-2026-8509)

- Window 上的 Google Chrome 148.0.7778.168 之前版本的 Skia 中存在整数溢出,已破坏渲染器进程的远程攻击者会利用此漏洞,通过构建的 HTML 页面执行越界内存写入。
(Chromium 安全严重性:危急)(CVE-2026-8510)

请注意,Nessus 尚未测试这些问题,而是只依据应用程序自我报告的版本号进行判断。

解决方案

升级到 Microsoft Edge 148.0.3967.70 或更高版本。

另见

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45492

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45494

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45495

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8509

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8510

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8511

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8512

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8513

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8514

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8515

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8516

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8517

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8518

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8519

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8523

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8524

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8525

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8526

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8527

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8528

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8529

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8530

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8531

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8532

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8533

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8534

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8535

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8536

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8537

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8538

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8539

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8540

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8541

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8542

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8543

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8544

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8545

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8546

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8547

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8548

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8549

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8550

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8551

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8552

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8553

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8554

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8555

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8556

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8557

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8558

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8559

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8560

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8561

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8562

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8563

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8564

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8565

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8566

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8567

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8568

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8569

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8570

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8571

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8572

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8573

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8574

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8575

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8576

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8577

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8578

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8579

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8580

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8581

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8582

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8583

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8584

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8585

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8586

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8587

http://www.nessus.org/u?3145d246

插件详情

严重性: Critical

ID: 315006

文件名: microsoft_edge_chromium_148_0_3967_70.nasl

版本: 1.8

类型: Local

代理: windows

系列: Windows

发布时间: 2026/5/16

最近更新时间: 2026/5/26

支持的传感器: Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Tenable Cloud Security, Tenable Self-Hosted Container Security, Nessus

风险信息

VPR

风险因素: Medium

分数: 6.9

百分位: 96.92

CVSS v2

风险因素: Critical

基本分数: 10

时间分数: 7.4

矢量: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS 分数来源: CVE-2026-45495

CVSS v3

风险因素: Critical

基本分数: 9.8

时间分数: 8.5

矢量: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

时间矢量: CVSS:3.0/E:U/RL:O/RC:C

漏洞信息

CPE: cpe:/a:microsoft:edge

必需的 KB 项: installed_sw/Microsoft Edge (Chromium), SMB/Registry/Enumerated

易利用性: No known exploits are available

补丁发布日期: 2026/5/15

漏洞发布日期: 2026/5/12

参考资料信息

CVE: CVE-2026-45492, CVE-2026-45494, CVE-2026-45495, CVE-2026-8509, CVE-2026-8510, CVE-2026-8511, CVE-2026-8512, CVE-2026-8513, CVE-2026-8514, CVE-2026-8515, CVE-2026-8516, CVE-2026-8517, CVE-2026-8518, CVE-2026-8519, CVE-2026-8523, CVE-2026-8524, CVE-2026-8525, CVE-2026-8526, CVE-2026-8527, CVE-2026-8528, CVE-2026-8529, CVE-2026-8530, CVE-2026-8531, CVE-2026-8532, CVE-2026-8533, CVE-2026-8534, CVE-2026-8535, CVE-2026-8536, CVE-2026-8537, CVE-2026-8538, CVE-2026-8539, CVE-2026-8540, CVE-2026-8541, CVE-2026-8542, CVE-2026-8543, CVE-2026-8544, CVE-2026-8545, CVE-2026-8546, CVE-2026-8547, CVE-2026-8548, CVE-2026-8549, CVE-2026-8550, CVE-2026-8551, CVE-2026-8552, CVE-2026-8553, CVE-2026-8554, CVE-2026-8555, CVE-2026-8556, CVE-2026-8557, CVE-2026-8558, CVE-2026-8559, CVE-2026-8560, CVE-2026-8561, CVE-2026-8562, CVE-2026-8563, CVE-2026-8564, CVE-2026-8565, CVE-2026-8566, CVE-2026-8567, CVE-2026-8568, CVE-2026-8569, CVE-2026-8570, CVE-2026-8571, CVE-2026-8572, CVE-2026-8573, CVE-2026-8574, CVE-2026-8575, CVE-2026-8576, CVE-2026-8577, CVE-2026-8578, CVE-2026-8579, CVE-2026-8580, CVE-2026-8581, CVE-2026-8582, CVE-2026-8583, CVE-2026-8584, CVE-2026-8585, CVE-2026-8586, CVE-2026-8587

IAVA: 2026-A-0490