Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-dddf-j2v3-jbac
Vulnerability ID VCID-dddf-j2v3-jbac
Aliases CVE-2019-0746
GHSA-jhx3-2w5x-x39x
Summary Exposure of Sensitive Information to an Unauthorized Actor An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge, aka 'Scripting Engine Information Disclosure Vulnerability'.
Status Published
Exploitability 0.5
Weighted Severity 6.2
Risk 3.1
Affected and Fixed Packages Package Details
Weaknesses (3)
CWE-1035 OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-937 OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
System Score Found at
epss 0.22506 https://api.first.org/data/v1/epss?cve=CVE-2019-0746
cvssv3.1 6.5 https://github.com/advisories/GHSA-jhx3-2w5x-x39x
generic_textual MODERATE https://github.com/advisories/GHSA-jhx3-2w5x-x39x
cvssv3.1 6.5 https://nvd.nist.gov/vuln/detail/CVE-2019-0746
generic_textual MODERATE https://nvd.nist.gov/vuln/detail/CVE-2019-0746
cvssv3.1 6.5 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0746
generic_textual MODERATE https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0746
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2019-0746
https://github.com/advisories/GHSA-jhx3-2w5x-x39x
CVE-2019-0746 https://nvd.nist.gov/vuln/detail/CVE-2019-0746
CVE-2019-0746 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0746
No exploits are available.
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://github.com/advisories/GHSA-jhx3-2w5x-x39x
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2019-0746
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0746
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.95947
EPSS Score 0.22506
Published At June 4, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-06-02T04:39:05.601671+00:00 GitLab Importer Import https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.ChakraCore/CVE-2019-0746.yml 38.6.0