Msrc Microsoft Edge vulnerabilities

CVE-2025-21267 [MEDIUM] CWE-358 Microsoft Edge (Chromium-based) Spoofing Vulnerability Microsoft Edge (Chromium-based) Spoofing Vulnerability FAQ: How could an attacker exploit this vulnerability? To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. Additionally, an attacker could convince a local user to open a malicious file. T

CVE-2025-0996 [MEDIUM] Chromium: CVE -2025-0996 Inappropriate implementation in Browser UI Chromium: CVE -2025-0996 Inappropriate implementation in Browser UI Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) wh

CVE-2025-0445 [MEDIUM] Chromium: CVE-2025-0445 Use after free in V8 Chromium: CVE-2025-0445 Use after free in V8 Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-bas

CVE-2025-21401 [MEDIUM] CWE-601 Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 133.0.3065.69 2/14/2025 133.0.6943.98/.99 FAQ: According to the CVSS metrics, successful exploitation of this vulnerability could lead to some loss of confidentiality (C:L), integrity (I:L) and availabil

CVE-2025-21404 [MEDIUM] CWE-449 Microsoft Edge (Chromium-based) Spoofing Vulnerability Microsoft Edge (Chromium-based) Spoofing Vulnerability FAQ: What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 133.0.3065.51 2/6/2025 133.0.6943.53/54 FAQ: According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do? The user would have to click on a specially crafted URL to be compromised by

CVE-2025-0451 [MEDIUM] Chromium: CVE-2025-0451 Inappropriate implementation in Extensions API Chromium: CVE-2025-0451 Inappropriate implementation in Extensions API Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OS

CVE-2025-0998 Chromium: CVE -2025-0998 Out of bounds memory access in V8 Chromium: CVE -2025-0998 Out of bounds memory access in V8 Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsof

CVE-2025-0291 [HIGH] Chromium: CVE-2025-0291 Type Confusion in V8 Chromium: CVE-2025-0291 Type Confusion in V8 Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based

CVE-2025-0762 [HIGH] Chromium: CVE-2025-0762 Use after free in DevTools Chromium: CVE-2025-0762 Use after free in DevTools Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Ch

CVE-2025-0447 [HIGH] Chromium: CVE-2025-0447 Inappropriate implementation in Navigation Chromium: CVE-2025-0447 Inappropriate implementation in Navigation Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which i

CVE-2025-0437 [HIGH] Chromium: CVE-2025-0437 Out of bounds read in Metrics Chromium: CVE-2025-0437 Out of bounds read in Metrics Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Ed

CVE-2025-0611 [HIGH] Chromium: CVE-2025-0612 Out of bounds memory access in V8 Chromium: CVE-2025-0612 Out of bounds memory access in V8 Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Micr

CVE-2025-0443 [HIGH] Chromium: CVE-2025-0443 Insufficient data validation in Extensions Chromium: CVE-2025-0443 Insufficient data validation in Extensions Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which i

CVE-2025-0436 [HIGH] Chromium: CVE-2025-0436 Integer overflow in Skia Chromium: CVE-2025-0436 Integer overflow in Skia Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromi

CVE-2025-0434 [HIGH] Chromium: CVE-2025-0434 Out of bounds memory access in V8 Chromium: CVE-2025-0434 Out of bounds memory access in V8 Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Micr

CVE-2025-0612 [HIGH] Chromium: CVE-2025-0611 Object corruption in V8 Chromium: CVE-2025-0611 Object corruption in V8 Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium

CVE-2025-0438 [HIGH] Chromium: CVE-2025-0438 Stack buffer overflow in Tracing Chromium: CVE-2025-0438 Stack buffer overflow in Tracing Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Micros

CVE-2025-0440 [MEDIUM] Chromium: CVE-2025-0440 Inappropriate implementation in Fullscreen Chromium: CVE-2025-0440 Inappropriate implementation in Fullscreen Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which

CVE-2025-0435 [MEDIUM] Chromium: CVE-2025-0435 Inappropriate implementation in Navigation Chromium: CVE-2025-0435 Inappropriate implementation in Navigation Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which

CVE-2025-0448 [MEDIUM] Chromium: CVE-2025-0448 Inappropriate implementation in Compositing Chromium: CVE-2025-0448 Inappropriate implementation in Compositing Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) whi