CVE-2025-49736

CWE-4494 documents4 sources

Severity

4.3MEDIUM

EPSS

0.1%

top 80.68%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Microsoft Edge FOR Android Microsoft Edge

Timeline

PublishedAug 12

Description

The ui performs the wrong action in Microsoft Edge for Android allows an unauthorized attacker to perform spoofing over a network.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages2 packages

▶CVEListV5microsoft/microsoft_edge_for_android1.0.0 — 139.0.3405.86

▶NVDmicrosoft/edge< 139.0.3405.86

🔴Vulnerability Details

CVEList

Microsoft Edge (Chromium-based) for Android Spoofing Vulnerability↗2025-08-12

▶

GHSA

GHSA-cq92-fpfc-ph75: The ui performs the wrong action in Microsoft Edge for Android allows an unauthorized attacker to perform spoofing over a network↗2025-08-12

▶

📋Vendor Advisories

Microsoft

Microsoft Edge (Chromium-based) for Android Spoofing Vulnerability↗2025-08-12

▶