Microsoft Edge Vulnerability Allows Remote Attackers to Execute Arbitrary Code

Microsoft released updates addressing a Microsoft Edge vulnerability (CVE-2026-45495, CVSS 7.5) caused by improper path validation in feedback log processing that can lead to arbitrary code execution when a user opens a crafted file or visits a malicious page; Microsoft also fixed two related lower-severity Edge issues and urges administrators to apply patches, restrict untrusted attachments/links, use least-privilege accounts, and monitor endpoints.