Privacy Trust

Protection mechanism failure in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally. 

Updated links to security updates. This is an informational change only. 

Updated links to security updates. This is an informational change only. 

Updated links to security updates. This is an informational change only. 

Added an acknowledgement. This is an informational change only. 

Access of resource using incompatible type (‘type confusion’) in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. 

No cwe for this issue in Microsoft Edge (Chromium-based) allows an unauthorized attacker to disclose information over a network. 

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/202[SS9.1]5) for more information. Google is aware that an exploit for CVE-2025-6554 exists in the wild. 

Information published. 

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.