Description
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, spoof user interface.
Below is a complete list of vulnerabilities:
- A remote code execution vulnerability in Microsoft Edge (Chromium-based) can be exploited remotely to execute arbitrary code.
- Use after free vulnerability in V8 can be exploited to cause denial of service or execute arbitrary code.
- A spoofing vulnerability in Microsoft Edge for IOS and Android can be exploited remotely to spoof user interface.
- A spoofing vulnerability in Microsoft Edge (Chromium-based) can be exploited remotely to spoof user interface.
- Use after free vulnerability in Skia can be exploited to cause denial of service or execute arbitrary code.
- Inappropriate implementation vulnerability in Extensions API can be exploited to cause denial of service.
Original advisories
- CVE-2025-21408
- CVE-2025-0445
- CVE-2025-21253
- CVE-2025-21267
- CVE-2025-0444
- CVE-2025-21404
- CVE-2025-21279
- CVE-2025-21342
- CVE-2025-0451
Exploitation
Public exploits exist for this vulnerability.
Related products
CVE list
- CVE-2025-0444 high
- CVE-2025-0445 high
- CVE-2025-0451 high
- CVE-2025-21283 critical
- CVE-2025-21408 critical
- CVE-2025-21253 high
- CVE-2025-21267 warning
- CVE-2025-21404 warning
- CVE-2025-21279 critical
- CVE-2025-21342 critical
KB list
Read more
Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com
Found an inaccuracy in the description of this vulnerability? Let us know!