Microsoft Security Response Center Blog Alerts

Chromium: CVE-2026-3939 Use after free in WebView

Published March 14, 2026

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2021) for more information.

Chromium: CVE-2026-3938 Insufficient policy enforcement in Clipboard

Published March 14, 2026

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2021) for more information.

Chromium: CVE-2026-3937 Incorrect security UI in Downloads

Published March 14, 2026

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2021) for more information.

Chromium: CVE-2026-3936 Use after free in WebView

Published March 14, 2026

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2021) for more information.

Chromium: CVE-2026-3935 Incorrect security UI in WebAppInstalls

Published March 14, 2026

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2021) for more information.

Chromium: CVE-2026-3941 Insufficient policy enforcement in DevTools

Published March 14, 2026

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2021) for more information.

Chromium: CVE-2026-3940 Insufficient policy enforcement in DevTools

Published March 14, 2026

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2021) for more information.

CVE-2026-27171 zlib before 1.3.2 allows CPU consumption via crc32_combine64 and crc32_combine_gen64 because x2nmodp can do right shifts within a loop that has no termination condition.

Published March 14, 2026

Information published.

CVE-2026-3381 Compress::Raw::Zlib versions through 2.219 for Perl use potentially insecure versions of zlib

Published March 14, 2026

Information published.

CVE-2026-31802 node-tar Symlink Path Traversal via Drive-Relative Linkpath

Published March 14, 2026

Information published.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

AbuseIPDB Contributor Badge

© 2026, Network Services Group |  216.73.216.175
Contributor,  Detroit Internet Exchange