Microsoft has disclosed and patched multiple spoofing vulnerabilities affecting Microsoft Edge for Android, including CVE-2026-35429, CVE-2026-42891, CVE-2026-0391, CVE-2025-47967, and the earlier CVE-2024-21387. The issues are described as user interface misrepresentation flaws that could let an unauthenticated attacker present misleading content over a network, potentially tricking users who visit attacker-controlled pages. The repeated classification points to browser UI spoofing risks in the Android version of Edge rather than code execution or privilege escalation.
For CVE-2026-35429, Microsoft said the flaw was rated Moderate with a CVSS v3.1 score of 4.3, required user interaction, and had low attack complexity with no privileges required. Microsoft also stated the vulnerability was not publicly disclosed and not exploited at the time of publication, and released a fix in Microsoft Edge for Android version 148.0.3967.55. The additional CVE entries indicate a broader pattern of Edge for Android spoofing issues being tracked and remediated through Microsoft’s Security Update Guide.

Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
6 events from the most recent confirmed update back to the earliest known activity.
Microsoft published a Security Update Guide entry for CVE-2026-42891 affecting Chromium-based Microsoft Edge for Android. The reference provides no synopsis, but confirms the advisory was public by this date.
Microsoft disclosed CVE-2026-35429, a moderate spoofing vulnerability in Chromium-based Edge for Android caused by UI misrepresentation (CWE-451), and stated it was not publicly disclosed or exploited. Microsoft said the fix was available in Edge for Android version 148.0.3967.55 released the same day.
Microsoft published a Security Update Guide entry for CVE-2025-47967, describing it as a spoofing vulnerability in Microsoft Edge for Android. The reference contains no further synopsis beyond the advisory listing.
Microsoft added CVE-2026-0391 to its Security Update Guide for Chromium-based Microsoft Edge on Android. No additional technical synopsis is provided in the reference, but the advisory was publicly available by this date.
Microsoft listed CVE-2024-21387 in its Security Update Guide as a spoofing vulnerability affecting Microsoft Edge for Android. The reference indicates public disclosure of the advisory by this date.
Microsoft published a Security Update Guide entry for CVE-2023-38173 affecting Microsoft Edge for Android and classified it as a spoofing vulnerability. The reference provides no additional synopsis beyond confirming the advisory was publicly available by this date.
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
7 references tracked. Mallory keeps watching after this page renders.
msrc.microsoft.com
Open sourcemsrc.microsoft.com
Open sourcemsrc.microsoft.com
Open sourcemsrc.microsoft.com
Open sourcemsrc.microsoft.com
Open sourcemsrc.microsoft.com
Open sourcemsrc.microsoft.com
Open sourceMap indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.