Security
Headlines
HeadlinesLatestCVEs

Source

Microsoft Security Response Center

CVE-2025-32715: Remote Desktop Protocol Client Information Disclosure Vulnerability

Out-of-bounds read in Remote Desktop Client allows an unauthorized attacker to disclose information over a network.

Microsoft Security Response Center
Open in Source
#vulnerability#auth#Remote Desktop Client#Security Vulnerability
CVE-2025-47966: Power Automate Elevation of Privilege Vulnerability

Exposure of sensitive information to an unauthorized actor in Power Automate allows an unauthorized attacker to elevate privileges over a network.

CVE-2025-5068: Chromium: CVE-2025-5068 Use after free in Blink

**What is the version information for this release?** Microsoft Edge Version Date Released Based on Chromium Version 137.0.3296.62 6/3/2025 137.0.7151.68/.69

CVE-2025-5419: Chromium: CVE-2025-5419 Out of bounds read and write in V8

**What is the version information for this release?** Microsoft Edge Version Date Released Based on Chromium Version 137.0.3296.62 6/3/2025 137.0.7151.68/.69

CVE-2025-5066: Chromium: CVE-2025-5066 Inappropriate implementation in Messages

**What is the version information for this release?** Microsoft Edge Version Date Released Based on Chromium Version 137.0.3296.52 5/29/2025 137.0.7151.55/.56

CVE-2025-5067: Chromium: CVE-2025-5067 Inappropriate implementation in Tab Strip

**Why is this Chrome CVE included in the Security Update Guide?** The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. **How can I see the version of the browser?** 1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window 2. Click on **Help and Feedback** 3. Click on **About Microsoft Edge**

CVE-2025-5283: Chromium: CVE-2025-5283 Use after free in libvpx

**Why is this Chrome CVE included in the Security Update Guide?** The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. **How can I see the version of the browser?** 1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window 2. Click on **Help and Feedback** 3. Click on **About Microsoft Edge**

CVE-2025-5281: Chromium: CVE-2025-5281 Inappropriate implementation in BFCache

**Why is this Chrome CVE included in the Security Update Guide?** The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. **How can I see the version of the browser?** 1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window 2. Click on **Help and Feedback** 3. Click on **About Microsoft Edge**

CVE-2025-5065: Chromium: CVE-2025-5065 Inappropriate implementation in FileSystemAccess API

**Why is this Chrome CVE included in the Security Update Guide?** The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. **How can I see the version of the browser?** 1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window 2. Click on **Help and Feedback** 3. Click on **About Microsoft Edge**