The version of Microsoft Edge installed on the remote Windows host is prior to 147.0.3912.60. It is, therefore, affected by multiple vulnerabilities as referenced in the April 10, 2026 advisory.

  - Use after free in PrivateAI in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who     convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via a crafted     HTML page. (Chromium security severity: Medium) (CVE-2026-5874)

  - User interface (ui) misrepresentation of critical information in Microsoft Edge (Chromium-based) allows an     unauthorized attacker to perform spoofing over a network. (CVE-2026-33119)

  - Microsoft Edge (Chromium-based) Spoofing Vulnerability (CVE-2026-33118)

  - Heap buffer overflow in WebML in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute     arbitrary code via a crafted HTML page. (Chromium security severity: Critical) (CVE-2026-5858)

  - Integer overflow in WebML in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially     exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical) (CVE-2026-5859)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Detections

Analytics

Microsoft Edge (Chromium) < 147.0.3912.60 Multiple Vulnerabilities

high Nessus Plugin ID 305979

Version 1.7