CVE Vulnerabilities

CVE-2025-26643

The UI Performs the Wrong Action

Published: Mar 07, 2025 | Modified: Mar 13, 2025

CVSS 3.x

5.4

MEDIUM

Source:

NVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

CVSS 2.x

RedHat/V2

RedHat/V3

Ubuntu

Additional information

NVD	https://nvd.nist.gov/vuln/detail/CVE-2025-26643
CWE	https://cwe.mitre.org/data/definitions/449.html

The UI performs the wrong action in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.

Weakness

The UI performs the wrong action with respect to the user’s request.

Affected Software

Name	Vendor	Start Version	End Version
Edge_chromium	Microsoft	*	134.0.3124.51 (excluding)

Potential Mitigations

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26643

Aqua Container Security

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.