Microsoft Security Response Center Blog Alerts

CVE-2025-47966 Power Automate Elevation of Privilege Vulnerability

Posted on Thursday June 05, 2025

Exposure of sensitive information to an unauthorized actor in Power Automate allows an unauthorized attacker to elevate privileges over a network.

Chromium: CVE-2025-5419 Out of bounds read and write in V8

Posted on Tuesday June 03, 2025

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/202[SS9.1]5) for more information. Google is aware that an exploit for CVE-2025-5419 exists in the wild.

Chromium: CVE-2025-5068 Use after free in Blink

Posted on Tuesday June 03, 2025

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/202[SS9.1]5) for more information.

Chromium: CVE-2025-5063 Use after free in Compositing

Posted on Thursday May 29, 2025

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/202[SS9.1]5) for more information.

Chromium: CVE-2025-5280 Out of bounds write in V8

Posted on Thursday May 29, 2025

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/202[SS9.1]5) for more information.

Chromium: CVE-2025-5064 Inappropriate implementation in Background Fetch API

Posted on Thursday May 29, 2025

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/202[SS9.1]5) for more information.

Page:   1...91011121314151617...172