The bug was disclosed on Twitter by an Indian researcher, Rajvardhan Agarwal, on Tuesday. Edge is based on the engine in Google's open-source Chromium browser.
Satnam Narang, staff research engineer with security shop Tenable, told iTWire that the vulnerability appeared to be the same one that was disclosed during the Pwn2Own contest held earlier this month.
According to the results of the contest, the bug was used by Bruno Keith and Niklas Baumstark of Dataflow Security to target Chrome and Edge in the Web browser category.
Narang said the vulnerability had been patched in the V8 engine, but was yet to be patched in both Chrome and Edge.
"While it is concerning that details about a vulnerability in popular Web browsers has been publicly disclosed, the cause for concern dissipates when you consider that the vulnerability by itself cannot escape Google's sandbox," he added.
"This means that an attacker cannot compromise the underlying operating system or access confidential information. It's sort of like clapping your hands; you can't truly clap with just one hand, you need both.
"Similarly, in this instance, an attacker would need to chain this V8 vulnerability with a second vulnerability to escape the sandbox."
However, he was quick to add that this did not mean one could sit back and not patch when patches became available.
"Despite that, we strongly encourage users and organisations alike to ensure they are patching their browsers like Chrome and Edge as soon as possible, as unpatched browsers and systems are ripe targets for cyber criminals and advanced persistent threat groups," Narang added.