Chromium: CVE-2025-5283 Use after free in libvpx
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/202[SS9.1]5) for more information.
Chromium: CVE-2025-5067 Inappropriate implementation in Tab Strip
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/202[SS9.1]5) for more information.
Chromium: CVE-2025-5066 Inappropriate implementation in Messages
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/202[SS9.1]5) for more information.
CVE-2025-47181 Microsoft Edge (Chromium-based) Update Elevation of Privilege Vulnerability
Improper link resolution before file access (‘link following’) in Microsoft Edge (Chromium-based) allows an authorized attacker to elevate privileges locally.
Chromium: CVE-2025-4664 Insufficient policy enforcement in Loader
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information. Google is aware of reports that an exploit for CVE-2025-4664 exists in the wild.
Chromium: CVE-2025-4609 Incorrect handle provided in unspecified circumstances in Mojo
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.
CVE-2025-47161 Microsoft Defender for Endpoint Elevation of Privilege Vulnerability
Information published.
CVE-2025-29959 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
CVE-2025-32704 Microsoft Excel Remote Code Execution Vulnerability
Buffer over-read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2025-29840 Windows Media Remote Code Execution Vulnerability
Stack-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network.
