Msrc Microsoft Edge vulnerabilities

CVE-2025-12431 [MEDIUM] Chromium: CVE-2025-12431 Inappropriate implementation in Extensions Chromium: CVE-2025-12431 Inappropriate implementation in Extensions Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 142.0.3595.53 10/31/2025 142

CVE-2025-12440 [MEDIUM] Chromium: CVE-2025-12440 Inappropriate implementation in Autofill Chromium: CVE-2025-12440 Inappropriate implementation in Autofill Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 142.0.3595.53 10/31/2025 142.0.7

CVE-2025-11210 [MEDIUM] Chromium: CVE-2025-11210 Side-channel information leakage in Tab Chromium: CVE-2025-11210 Side-channel information leakage in Tab Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is

CVE-2025-12433 [MEDIUM] Chromium: CVE-2025-12433 Inappropriate implementation in V8 Chromium: CVE-2025-12433 Inappropriate implementation in V8 Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 142.0.3595.53 10/31/2025 142.0.7445.59/.60

CVE-2025-12446 [MEDIUM] Chromium: CVE-2025-12446 Incorrect security UI in SplitView Chromium: CVE-2025-12446 Incorrect security UI in SplitView Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 142.0.3595.53 10/31/2025 142.0.7445.59/.60

CVE-2025-11212 [MEDIUM] Chromium: CVE-2025-11212 Inappropriate implementation in Media Chromium: CVE-2025-11212 Inappropriate implementation in Media Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is con

CVE-2025-12434 [MEDIUM] Chromium: CVE-2025-12434 Race in Storage Chromium: CVE-2025-12434 Race in Storage Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 142.0.3595.53 10/31/2025 142.0.7445.59/.60 FAQ: Why is this Chrome CVE included

CVE-2025-12445 [MEDIUM] Chromium: CVE-2025-12445 Policy bypass in Extensions Chromium: CVE-2025-12445 Policy bypass in Extensions Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 142.0.3595.53 10/31/2025 142.0.7445.59/.60 FAQ: Why is t

CVE-2025-12439 [MEDIUM] Chromium: CVE-2025-12439 Inappropriate implementation in App-Bound Encryption Chromium: CVE-2025-12439 Inappropriate implementation in App-Bound Encryption Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 142.0.35

CVE-2025-11219 [LOW] Chromium: CVE-2025-11219 Use after free in V8 Chromium: CVE-2025-11219 Use after free in V8 Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-bas

CVE-2025-10585 [CRITICAL] Chromium: CVE-2025-10585 Type Confusion in V8 Chromium: CVE-2025-10585 Type Confusion in V8 Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. Google is aware that an exploit for CVE-2025-10585 exists in the wild. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version

CVE-2025-10890 [CRITICAL] Chromium: CVE-2025-10890 Side-channel information leakage in V8 Chromium: CVE-2025-10890 Side-channel information leakage in V8 Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 140.0.3485.94 09/25/2025 140.0.733

CVE-2025-10200 [HIGH] Chromium: CVE-2025-10200 Use after free in Serviceworker Chromium: CVE-2025-10200 Use after free in Serviceworker Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 140.0.3485.66 09/11/2025 140.0.7339.133 FAQ: Why i

CVE-2025-10891 [HIGH] Chromium: CVE-2025-10891 Integer overflow in V8 Chromium: CVE-2025-10891 Integer overflow in V8 Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 140.0.3485.94 09/25/2025 140.0.7339.208 FAQ: Why is this Chrome CVE

CVE-2025-10201 [HIGH] Chromium: CVE-2025-10201 Inappropriate implementation in Mojo Chromium: CVE-2025-10201 Inappropriate implementation in Mojo Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 140.0.3485.66 09/11/2025 140.0.7339.133

CVE-2025-10502 [HIGH] Chromium: CVE-2025-10502 Heap buffer overflow in ANGLE Chromium: CVE-2025-10502 Heap buffer overflow in ANGLE Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 140.0.3485.81 09/19/2025 140.0.7339.186 FAQ: Why is th

CVE-2025-10501 [HIGH] Chromium: CVE-2025-10501 Use after free in WebRTC Chromium: CVE-2025-10501 Use after free in WebRTC Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 140.0.3485.81 09/19/2025 140.0.7339.186 FAQ: Why is this Chrome

CVE-2025-9866 [HIGH] Chromium: CVE-2025-9866 Inappropriate implementation in Extensions Chromium: CVE-2025-9866 Inappropriate implementation in Extensions Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which i

CVE-2025-59251 [HIGH] CWE-121 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 140.0.3485.81 09/19/2025 140.0.7339.186 FAQ: According to the CVSS metric, the attack vector is network (AV:N) and the user interaction is required (UI:R). What is the target context of the remote code executi

CVE-2025-10892 [HIGH] Chromium: CVE-2025-10892 Integer overflow in V8 Chromium: CVE-2025-10892 Integer overflow in V8 Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 140.0.3485.94 09/25/2025 140.0.7339.208 FAQ: Why is this Chrome CVE