on June 3, 2025 at 8:50 pm — Chromium: CVE-2025-5068 Use after free in Blink
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/202[SS9.1]5) for more information.
on June 3, 2025 at 8:50 pm — Chromium: CVE-2025-5068 Use after free in Blink Read More »
on May 29, 2025 at 6:55 pm — Chromium: CVE-2025-5283 Use after free in libvpx
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/202[SS9.1]5) for more information.
on May 29, 2025 at 6:55 pm — Chromium: CVE-2025-5283 Use after free in libvpx Read More »
on May 29, 2025 at 6:55 pm — Chromium: CVE-2025-5281 Inappropriate implementation in BFCache
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/202[SS9.1]5) for more information.
on May 29, 2025 at 6:55 pm — Chromium: CVE-2025-5065 Inappropriate implementation in FileSystemAccess API
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/202[SS9.1]5) for more information.
on May 29, 2025 at 7:06 pm — Chromium: CVE-2025-5066 Inappropriate implementation in Messages
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/202[SS9.1]5) for more information.
on May 29, 2025 at 6:55 pm — Chromium: CVE-2025-5067 Inappropriate implementation in Tab Strip
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/202[SS9.1]5) for more information.
on May 22, 2025 at 7:00 am — CVE-2025-47181 Microsoft Edge (Chromium-based) Update Elevation of Privilege Vulnerability
Improper link resolution before file access (‘link following’) in Microsoft Edge (Chromium-based) allows an authorized attacker to elevate privileges locally.
on May 22, 2025 at 10:00 am — UAT-6382 exploits Cityworks zero-day vulnerability to deliver malware
Cisco Talos has observed exploitation of CVE-2025-0994, a remote-code-execution vulnerability in Cityworks, a popular asset management system. The Cybersecurity and Infrastructure Security Agency (CISA) and Trimble have both released advisories pertaining to this vulnerability, with Trimble’s advisory specifically listing indicators of compromise (IOCs) related to the intrusion exploiting the CVE. IOCs pertaining to intrusions discovered
on May 15, 2025 at 5:20 pm — Chromium: CVE-2025-4609 Incorrect handle provided in unspecified circumstances in Mojo
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.