Microsoft Security Response Center Blog Alerts

CVE-2025-59489 MITRE: CVE-2025-59489 Unity Gaming Engine Editor vulnerability

Published November 9, 2025

The following updates have been made to CVE-2025-59489: 1) In the Security Updates table, added Microsoft Mesh and Microsoft Mesh for Meta Quest as they affected by this vulnerability. 2) Further, to comprehensively address this vulnerability, Microsoft has released the 5.2514 build for these applications. Microsoft recommends that customers install the updates to be fully […]

Chromium: CVE-2025-11219 Use after free in V8

Published November 9, 2025

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/202 5) for more information.

Chromium: CVE-2025-11216 Inappropriate implementation in Storage

Published November 9, 2025

Chromium: CVE-2025-11215 Off by one error in V8

Published November 9, 2025

Chromium: CVE-2025-11213 Inappropriate implementation in Omnibox

Published November 9, 2025

CVE-2025-59271 Redis Enterprise Elevation of Privilege Vulnerability

Published November 9, 2025

Information published.

CVE-2025-59252 M365 Copilot Spoofing Vulnerability

Published November 9, 2025

Information published.

CVE-2025-55321 Azure Monitor Log Analytics Spoofing Vulnerability

Published November 9, 2025

Improper neutralization of input during web page generation (‘cross-site scripting’) in Azure Monitor allows an authorized attacker to perform spoofing over a network.