Msrc Microsoft Edge vulnerabilities

CVE-2025-3620 [HIGH] Chromium: CVE-2025-3620 Use after free in USB Chromium: CVE-2025-3620 Use after free in USB Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-bas

CVE-2025-3619 [HIGH] Chromium: CVE-2025-3619 Heap buffer overflow in Codecs Chromium: CVE-2025-3619 Heap buffer overflow in Codecs Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft

CVE-2025-3066 [HIGH] Chromium: CVE-2025-3066 Use after free in Site Isolation Chromium: CVE-2025-3066 Use after free in Site Isolation Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Micros

CVE-2025-25000 [HIGH] CWE-843 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability Description: Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 135.0.3179.54 4/3/2025 135.0.7049.41

CVE-2025-29815 [HIGH] CWE-416 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability Description: Use after free in Microsoft Edge (Chromium-based) allows an authorized attacker to execute code over a network. FAQ: According to the CVSS metric, the attack vector is network (AV:N) and the user interaction is required (UI:R). What is the target context of the remote code execution? This attack requires an authentica

CVE-2025-3069 [HIGH] Chromium: CVE-2025-3069 Inappropriate implementation in Extensions Chromium: CVE-2025-3069 Inappropriate implementation in Extensions Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which i

CVE-2025-3068 [HIGH] Chromium: CVE-2025-3068 Inappropriate implementation in Intents Chromium: CVE-2025-3068 Inappropriate implementation in Intents Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is cons

CVE-2025-3071 [MEDIUM] Chromium: CVE-2025-3071 Inappropriate implementation in Navigations Chromium: CVE-2025-3071 Inappropriate implementation in Navigations Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) whi

CVE-2025-3072 [MEDIUM] Chromium: CVE-2025-3072 Inappropriate implementation in Custom Tabs Chromium: CVE-2025-3072 Inappropriate implementation in Custom Tabs Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) whi

CVE-2025-3073 [MEDIUM] Chromium: CVE-2025-3073 Inappropriate implementation in Autofill Chromium: CVE-2025-3073 Inappropriate implementation in Autofill Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is

CVE-2025-3074 [MEDIUM] Chromium: CVE-2025-3074 Inappropriate implementation in Downloads Chromium: CVE-2025-3074 Inappropriate implementation in Downloads Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which i

CVE-2025-3070 [MEDIUM] Chromium: CVE-2025-3070 Insufficient validation of untrusted input in Extensions Chromium: CVE-2025-3070 Insufficient validation of untrusted input in Extensions Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open

CVE-2025-24201 [CRITICAL] Chromium: CVE-2025-24201 Out of bounds write in GPU on Mac Chromium: CVE-2025-24201 Out of bounds write in GPU on Mac Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. Google is aware of reports that an exploit for CVE-2025-24201 exists in the wild. FAQ: What is the version information for this release? Microsoft Edge Version Date

CVE-2025-1918 [HIGH] Chromium: CVE-2025-1918 Out of bounds read in PDFium Chromium: CVE-2025-1918 Out of bounds read in PDFium Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge

CVE-2025-2136 [HIGH] Chromium: CVE-2025-2136 Use after free in Inspector Chromium: CVE-2025-2136 Use after free in Inspector Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 134.0.3124.62 3/12//2025 134.0.6998.89 FAQ: Why is this Chrom

CVE-2025-2135 [HIGH] Chromium: CVE-2025-2135 Type Confusion in V8 Chromium: CVE-2025-2135 Type Confusion in V8 Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 134.0.3124.62 3/12//2025 134.0.6998.89 FAQ: Why is this Chrome CVE included

CVE-2025-1915 [HIGH] Chromium: CVE-2025-1915 Improper Limitation of a Pathname to a Restricted Directory in DevTools Chromium: CVE-2025-1915 Improper Limitation of a Pathname to a Restricted Directory in DevTools Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to

CVE-2025-1920 [HIGH] Chromium: CVE-2025-1920 Type Confusion in V8 Chromium: CVE-2025-1920 Type Confusion in V8 Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 134.0.3124.62 3/12//2025 134.0.6998.89 FAQ: Why is this Chrome CVE included

CVE-2025-2476 [HIGH] Chromium: CVE-2025-2476 Use after free in Lens Chromium: CVE-2025-2476 Use after free in Lens Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 134.0.3124.83 3/21/2025 134.0.6998.117/.118 FAQ: Why is this Chrome CVE

CVE-2025-2783 [HIGH] Chromium: CVE-2025-2783 Incorrect handle provided in unspecified circumstances in Mojo on Windows Chromium: CVE-2025-2783 Incorrect handle provided in unspecified circumstances in Mojo on Windows Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released