I'm sure no one here uses Edge, but in case you have parents out there who don't know better...

The vulnerability affects Microsoft Edge’s password manager. Password managers typically use end-to-end encryption and store passwords in cloud storage so that users can access them from anywhere. When passwords are needed, password managers normally decrypt the them for use and then delete them afterwards.

The fact that Edge keeps all passwords loaded without any encryption is both unusual and dangerous. Other password managers, including those that are built into browsers, don’t operate in this way—Rønning says Edge is the only Chromium-based browser he’s tested with this behavior.

Edge does require authentication to view passwords in the password manager, but this is of little protective value if attackers can simply gain access by reading the RAM, which is what happens here.

Also, this is apparently the expected behavior:

Rønning apparently shared his findings with Microsoft and received an unexpected response. According to ITavisen (machine translated), Edge’s password management behavior is “a deliberate design decision, “not a bug.” It’s unclear what benefit this design offers for users.