Msrc Microsoft Edge vulnerabilities

CVE-2025-1919 [HIGH] Chromium: CVE-2025-1919 Out of bounds read in Media Chromium: CVE-2025-1919 Out of bounds read in Media Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (

CVE-2025-1916 [HIGH] Chromium: CVE-2025-1916 Use after free in Profiles Chromium: CVE-2025-1916 Use after free in Profiles Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Ch

CVE-2025-2137 [HIGH] Chromium: CVE-2025-2137 Out of bounds read in V8 Chromium: CVE-2025-2137 Out of bounds read in V8 Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 134.0.3124.62 3/12//2025 134.0.6998.89 FAQ: Why is this Chrome CVE

CVE-2025-1914 [HIGH] Chromium: CVE-2025-1914 Out of bounds read in V8 Chromium: CVE-2025-1914 Out of bounds read in V8 Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromi

CVE-2025-1922 [MEDIUM] Chromium: CVE-2025-1922 Inappropriate Implementation in Selection Chromium: CVE-2025-1922 Inappropriate Implementation in Selection Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which i

CVE-2025-26643 [MEDIUM] CWE-449 Microsoft Edge (Chromium-based) Spoofing Vulnerability Microsoft Edge (Chromium-based) Spoofing Vulnerability Description: The UI performs the wrong action in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network. FAQ: According to the CVSS metrics, successful exploitation of this vulnerability could lead to some loss of confidentiality (C:L), and integrity (I:L) but lead to no loss of availability (A:N). What is the

CVE-2025-29806 [MEDIUM] CWE-843 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability Description: No cwe for this issue in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. FAQ: What is the version information for this release? Microsoft Edge Channel Microsoft Edge Version Based on Chromium Version Date Released Stable 129.0.2792.52 129.0.6668.58/.59 9/19/2024

CVE-2025-1923 [MEDIUM] Chromium: CVE-2025-1923 Inappropriate Implementation in Permission Prompts Chromium: CVE-2025-1923 Inappropriate Implementation in Permission Prompts Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Soft

CVE-2025-1917 [MEDIUM] Chromium: CVE-2025-1917 Inappropriate Implementation in Browser UI Chromium: CVE-2025-1917 Inappropriate Implementation in Browser UI Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which

CVE-2025-1921 [MEDIUM] Chromium: CVE-2025-1921 Inappropriate Implementation in Media Stream Chromium: CVE-2025-1921 Inappropriate Implementation in Media Stream Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) w

CVE-2025-1006 [HIGH] Chromium: CVE-2025-1426 Heap buffer overflow in GPU Chromium: CVE-2025-1426 Heap buffer overflow in GPU Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 133.0.3065.82 2/21/2025 133.0.6943.126/.127 FAQ: Why is this

CVE-2025-0995 [HIGH] Chromium: CVE -2025-0995 Use after free in V8 Chromium: CVE -2025-0995 Use after free in V8 Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-ba

CVE-2025-0999 [HIGH] Chromium: CVE-2025-0999 Heap buffer overflow in V8 Chromium: CVE-2025-0999 Heap buffer overflow in V8 Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 133.0.3065.82 2/21/2025 133.0.6943.126/.127 FAQ: Why is this Ch

CVE-2025-0997 [HIGH] Chromium: CVE -2025-0997 Use after free in Navigation Chromium: CVE -2025-0997 Use after free in Navigation Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft E

CVE-2025-1426 [HIGH] Chromium: CVE-2025-1006 Use after free in Network Chromium: CVE-2025-1006 Use after free in Network Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 133.0.3065.82 2/21/2025 133.0.6943.126/.127 FAQ: Why is this Chro

CVE-2025-21342 [HIGH] CWE-843 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability FAQ: According to the CVSS metrics, successful exploitation of this vulnerability could lead to major loss of confidentiality (C:H), and integrity (I:H), and some loss of availability (A:L). What does that mean for this vulnerability? An attacker who successfully exploited this vulnerability could view sensitive information (Confid

CVE-2025-21408 [HIGH] CWE-843 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability FAQ: According to the CVSS metric, the attack vector is network (AV:N) and user interaction is required (UI:R). What is the target context of the remote code execution? Successful exploitation of this vulnerability requires the victim user to click a malicious link so that the attacker can initiate remote code execution on the rend

CVE-2025-21279 [MEDIUM] CWE-843 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability FAQ: According to the CVSS metric, the attack vector is network (AV:N) and user interaction is required (UI:R). What is the target context of the remote code execution? Successful exploitation of this vulnerability requires the victim user to click a malicious link so that the attacker can initiate remote code execution on the re

CVE-2025-0444 [MEDIUM] Chromium: CVE-2025-0444 Use after free in Skia Chromium: CVE-2025-0444 Use after free in Skia Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium

CVE-2025-21283 [MEDIUM] CWE-1222 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability FAQ: According to the CVSS metric, the attack vector is network (AV:N) and user interaction is required (UI:R). What is the target context of the remote code execution? Successful exploitation of this vulnerability requires the victim user to click a malicious link so that the attacker can initiate remote code execution on the r