CVE-2025-47182 — Improper Input Validation in Microsoft Edge

CWE-20 — Improper Input Validation4 documents4 sources

Severity

5.6MEDIUMNVD

EPSS

0.2%

top 60.08%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Edge Microsoft Edge Chromium

Timeline

PublishedJul 11

Description

Improper input validation in Microsoft Edge (Chromium-based) allows an authorized attacker to bypass a security feature locally.

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:H/A:NExploitability: 1.1 | Impact: 4.0

Affected Packages2 packages

▶NVDmicrosoft/edge_chromium< 138.0.3351.55

▶CVEListV5microsoft/microsoft_edge1.0.0.0 — 138.0.3351.55

🔴Vulnerability Details

CVEList

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability↗2025-07-11

▶

GHSA

GHSA-gf4j-q3jq-qp2g: Improper input validation in Microsoft Edge (Chromium-based) allows an authorized attacker to bypass a security feature locally↗2025-07-11

▶

📋Vendor Advisories

Microsoft

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability↗2025-06-10

▶