Msrc Microsoft Edge vulnerabilities

CVE-2025-8583 [MEDIUM] Chromium: CVE-2025-8583 Inappropriate implementation in Permissions Chromium: CVE-2025-8583 Inappropriate implementation in Permissions Description: Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 139.0.3405.86 8/07/2025 139.0.7258.66/67 FAQ: Why is this Ch

CVE-2025-7656 [HIGH] Chromium: CVE-2025-7656 Integer overflow in V8 Chromium: CVE-2025-7656 Integer overflow in V8 Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-b

CVE-2025-8011 [HIGH] Chromium: CVE-2025-8011 Type Confusion in V8 Chromium: CVE-2025-8011 Type Confusion in V8 Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 138.0.3351.109 7/25/2025 138.0.7204.168/.169 FAQ: Why is this Chrome CVE in

CVE-2025-49741 [HIGH] CWE-268 Microsoft Edge (Chromium-based) Information Disclosure Vulnerability Microsoft Edge (Chromium-based) Information Disclosure Vulnerability Description: No cwe for this issue in Microsoft Edge (Chromium-based) allows an unauthorized attacker to disclose information over a network. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 135.0.3179.98 4/25/2025 135.0.7049.114/.115 Microsoft Edge (Chro

CVE-2025-6558 [HIGH] Chromium: CVE-2025-6558 Incorrect validation of untrusted input in ANGLE and GPU Chromium: CVE-2025-6558 Incorrect validation of untrusted input in ANGLE and GPU Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. Google is aware that an exploit for CVE-2025-6558 exists in the wild. FAQ: Why is this Chrome CVE included in the Security Upda

CVE-2025-6554 [HIGH] Chromium: CVE-2025-6554 Type Confusion in V8 Chromium: CVE-2025-6554 Type Confusion in V8 Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. Google is aware that an exploit for CVE-2025-6554 exists in the wild. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Sou

CVE-2025-49713 [HIGH] CWE-843 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability Description: Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. FAQ: According to the CVSS metric, the attack vector is network (AV:N) and the user interaction is required (UI:R). What is the target context of the remote c

CVE-2025-7657 [HIGH] Chromium: CVE-2025-7657 Use after free in WebRTC Chromium: CVE-2025-7657 Use after free in WebRTC Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromi

CVE-2025-8010 [HIGH] Chromium: CVE-2025-8010 Type Confusion in V8 Chromium: CVE-2025-8010 Type Confusion in V8 Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 138.0.3351.109 7/25/2025 138.0.7204.168/.169 FAQ: Why is this Chrome CVE in

CVE-2025-8292 [HIGH] Chromium: CVE-2025-8292 Use after free in Media Stream Chromium: CVE-2025-8292 Use after free in Media Stream Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft

CVE-2025-5959 [HIGH] Chromium: CVE-2025-5959 Type Confusion in V8 Chromium: CVE-2025-5959 Type Confusion in V8 Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based

CVE-2025-6192 [HIGH] Chromium: CVE-2025-6192 Use after free in Profiler Chromium: CVE-2025-6192 Use after free in Profiler Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Ch

CVE-2025-6191 [HIGH] Chromium: CVE-2025-6191 Integer overflow in V8 Chromium: CVE-2025-6191 Integer overflow in V8 Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-b

CVE-2025-5068 [HIGH] Chromium: CVE-2025-5068 Use after free in Blink Chromium: CVE-2025-5068 Use after free in Blink Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 137.0.3296.62 6/3/2025 137.0.7151.68/.69 FAQ: Why is this Chrome CVE

CVE-2025-5419 [HIGH] Chromium: CVE-2025-5419 Out of bounds read and write in V8 Chromium: CVE-2025-5419 Out of bounds read and write in V8 Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. Google is aware that an exploit for CVE-2025-5419 exists in the wild. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based o

CVE-2025-5958 [HIGH] Chromium: CVE-2025-5958 Use after free in Media Chromium: CVE-2025-5958 Use after free in Media Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium

CVE-2025-47964 [MEDIUM] CWE-451 Microsoft Edge (Chromium-based) Spoofing Vulnerability Microsoft Edge (Chromium-based) Spoofing Vulnerability FAQ: How could an attacker exploit this vulnerability? To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. Additionally, an attacker could convince a local user to open a malicious file. T

CVE-2025-47182 [MEDIUM] CWE-20 Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability Description: Improper input validation in Microsoft Edge (Chromium-based) allows an authorized attacker to bypass a security feature locally. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? To successfully exploit this vulnerability, an attacker would need exi

CVE-2025-6556 [MEDIUM] Chromium: CVE-2025-6556 Insufficient policy enforcement in Loader Chromium: CVE-2025-6556 Insufficient policy enforcement in Loader Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 138.0.3351.55 6/26/2025 138.0.720

CVE-2025-6555 [MEDIUM] Chromium: CVE-2025-6555 Use after free in Animation Chromium: CVE-2025-6555 Use after free in Animation Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 138.0.3351.55 6/26/2025 138.0.7204.49/.50 FAQ: Why is this