VulnerableCode Vulnerability Details - VCID-uuzg-ntts-5ubk

Staging Environment: Content and features may be unstable or change without notice.

Search for vulnerabilities

Vulnerability details: VCID-uuzg-ntts-5ubk

Essentials
Severities (1)
References (8)
Severity details (0)
Exploits (1)
EPSS
History (1)

Vulnerability ID	VCID-uuzg-ntts-5ubk
Aliases	CVE-2018-8279
Summary	Access of Resource Using Incompatible Type ('Type Confusion') A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8125, CVE-2018-8262, CVE-2018-8274, CVE-2018-8275, CVE-2018-8301.
Status	Published
Exploitability	None
Weighted Severity	None
Risk	None
Affected and Fixed Packages	Package Details

Weaknesses (3)

CWE-1035	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-843	Access of Resource Using Incompatible Type ('Type Confusion')
CWE-937	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities

System	Score	Found at
epss	0.80263	https://api.first.org/data/v1/epss?cve=CVE-2018-8279

Reference id	Reference type	URL
		https://api.first.org/data/v1/epss?cve=CVE-2018-8279
		https://www.exploit-db.com/exploits/45214/
		http://www.securityfocus.com/bid/104641
		http://www.securitytracker.com/id/1041256
CVE-2018-8279	Exploit	https://bugs.chromium.org/p/project-zero/issues/detail?id=1570
CVE-2018-8279	Exploit	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/45214.js
CVE-2018-8279		https://nvd.nist.gov/vuln/detail/CVE-2018-8279
CVE-2018-8279		https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8279

Data source	Exploit-DB
Date added	Aug. 17, 2018
Description	Microsoft Edge Chakra JIT - Parameter Scope Parsing Type Confusion
Ransomware campaign use	Known
Source publication date	Aug. 17, 2018
Exploit type	dos
Platform	windows
Source update date	Aug. 19, 2018
Source URL	https://bugs.chromium.org/p/project-zero/issues/detail?id=1570

There are no known vectors.

Exploit Prediction Scoring System (EPSS)

Percentile	0.9914
EPSS Score	0.80263
Published At	June 4, 2026, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2026-06-02T04:38:00.078448+00:00	GitLab Importer	Import	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.ChakraCore/CVE-2018-8279.yml	38.6.0