VYPR

Edge Chromium

by Microsoft

CVEs (223)

  • CVE-2019-0990Jun 12, 2019
    risk 0.01cvss epss 0.05

    A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current…

  • CVE-2019-0988Jun 12, 2019
    risk 0.01cvss epss 0.06

    A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who…

  • CVE-2026-0102Feb 17, 2026
    risk 0.00cvss epss 0.00

    Under specific conditions, a malicious webpage may trigger autofill population after two consecutive taps, potentially without clear or intentional user consent. This could result in disclosure of stored autofill data such as addresses, email, or phone number metadata.

  • CVE-2026-0391Feb 5, 2026
    risk 0.00cvss epss 0.01

    User interface (ui) misrepresentation of critical information in Microsoft Edge for Android allows an unauthorized attacker to perform spoofing over a network.

  • CVE-2026-21223Jan 16, 2026
    risk 0.00cvss epss 0.00

    Improper privilege management in Microsoft Edge (Chromium-based) allows an authorized attacker to bypass a security feature locally.

  • CVE-2025-62223Dec 5, 2025
    risk 0.00cvss epss 0.00

    User interface (ui) misrepresentation of critical information in Microsoft Edge for iOS allows an unauthorized attacker to perform spoofing over a network.

  • CVE-2025-60711Oct 31, 2025
    risk 0.00cvss epss 0.00

    Protection mechanism failure in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

  • CVE-2025-59251Sep 24, 2025
    risk 0.00cvss epss 0.00

    Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

  • CVE-2025-47967Sep 16, 2025
    risk 0.00cvss epss 0.00

    Insufficient ui warning of dangerous operations in Microsoft Edge for Android allows an unauthorized attacker to perform spoofing over a network.

  • CVE-2025-53791Sep 5, 2025
    risk 0.00cvss epss 0.00

    Improper access control in Microsoft Edge (Chromium-based) allows an unauthorized attacker to bypass a security feature over a network.

  • CVE-2025-47963Jul 11, 2025
    risk 0.00cvss epss 0.01

    No cwe for this issue in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.

  • CVE-2025-47964Jul 11, 2025
    risk 0.00cvss epss 0.00

    Microsoft Edge (Chromium-based) Spoofing Vulnerability

  • CVE-2025-47182Jul 11, 2025
    risk 0.00cvss epss 0.00

    Improper input validation in Microsoft Edge (Chromium-based) allows an authorized attacker to bypass a security feature locally.

  • CVE-2025-49713Jul 2, 2025
    risk 0.00cvss epss 0.01

    Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

  • CVE-2025-47181May 22, 2025
    risk 0.00cvss epss 0.00

    Improper link resolution before file access ('link following') in Microsoft Edge (Chromium-based) allows an authorized attacker to elevate privileges locally.

  • CVE-2025-29825May 2, 2025
    risk 0.00cvss epss 0.01

    User interface (ui) misrepresentation of critical information in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.

  • CVE-2025-29834Apr 12, 2025
    risk 0.00cvss epss 0.01

    Out-of-bounds read in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

  • CVE-2025-29815Apr 4, 2025
    risk 0.00cvss epss 0.01

    Use after free in Microsoft Edge (Chromium-based) allows an authorized attacker to execute code over a network.

  • CVE-2025-25001Apr 4, 2025
    risk 0.00cvss epss 0.01

    Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.

  • CVE-2025-25000Apr 3, 2025
    risk 0.00cvss epss 0.01

    Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

Page 2 of 12