Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-q7g9-336k-zqch
Vulnerability ID VCID-q7g9-336k-zqch
Aliases CVE-2019-0773
GHSA-3w9q-c44j-37jj
Summary Out-of-bounds Write A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0609, CVE-2019-0639, CVE-2019-0680, CVE-2019-0769, CVE-2019-0770, CVE-2019-0771, CVE-2019-0783.
Status Published
Exploitability 0.5
Weighted Severity 8.0
Risk 4.0
Affected and Fixed Packages Package Details
Weaknesses (3)
CWE-1035 OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-787 Out-of-bounds Write
CWE-937 OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
System Score Found at
epss 0.06805 https://api.first.org/data/v1/epss?cve=CVE-2019-0773
cvssv3.1 7.5 https://github.com/advisories/GHSA-3w9q-c44j-37jj
generic_textual HIGH https://github.com/advisories/GHSA-3w9q-c44j-37jj
cvssv3.1 7.5 https://nvd.nist.gov/vuln/detail/CVE-2019-0773
generic_textual HIGH https://nvd.nist.gov/vuln/detail/CVE-2019-0773
cvssv3.1 7.5 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0773
generic_textual HIGH https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0773
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2019-0773
https://github.com/advisories/GHSA-3w9q-c44j-37jj
CVE-2019-0773 https://nvd.nist.gov/vuln/detail/CVE-2019-0773
CVE-2019-0773 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0773
No exploits are available.
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://github.com/advisories/GHSA-3w9q-c44j-37jj
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2019-0773
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0773
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.91484
EPSS Score 0.06805
Published At June 4, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-06-02T04:39:04.903121+00:00 GitLab Importer Import https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.ChakraCore/CVE-2019-0773.yml 38.6.0