MSRC Reports
@msrcreports
61 subscribers
2.93K links
Microsoft Security Response Center Reports
(Unofficial).

Reports usually come in bursts, because that's just how Microsoft releases them.
Download Telegram
About
Blog
Apps
Platform
Join
MSRC Reports
61 subscribers
MSRC Reports
CVE-2025-59215 Windows Graphics Component Elevation of Privilege Vulnerability

Use after free in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59215
34 views
MSRC Reports
Chromium: CVE-2025-10500 Use after free in Dawn

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/202[SS9.1]5) for more information.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-10500
33 views
MSRC Reports
Chromium: CVE-2025-10502 Heap buffer overflow in ANGLE

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/202[SS9.1]5) for more information.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-10502
40 views
MSRC Reports
Chromium: CVE-2025-10585 Type Confusion in V8

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/202[SS9.1]5) for more information. Google is aware that an exploit for CVE-2025-10585 exists in the wild.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-10585
48 views
MSRC Reports
Chromium: CVE-2025-10501 Use after free in WebRTC

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/202[SS9.1]5) for more information.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-10501
47 views
MSRC Reports
CVE-2025-55322 OmniParser Remote Code Execution Vulnerability

Binding to an unrestricted ip address in GitHub allows an unauthorized attacker to execute code over a network.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55322
34 views
MSRC Reports
CVE-2025-55232 Microsoft High Performance Compute (HPC) Pack Remote Code Execution Vulnerability

Added an acknowledgement. This is an informational change only.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55232
33 views
MSRC Reports
CVE-2025-59251 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

Information published.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59251
34 views
MSRC Reports
Chromium: CVE-2025-10892 Integer overflow in V8

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/202 5) for more information.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-10892
38 views
MSRC Reports
Chromium: CVE-2025-10891 Integer overflow in V8

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/202 5) for more information.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-10891
42 views
MSRC Reports
Chromium: CVE-2025-10890 Side-channel information leakage in V8

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/202 5) for more information.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-10890
43 views
MSRC Reports
CVE-2025-53132 Win32k Elevation of Privilege Vulnerability

Updated information to include CVSS scores. This is an informational change only.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53132
30 views
MSRC Reports
Chromium: CVE-2025-11212 Inappropriate implementation in Media

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/202 5) for more information.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-11212
28 views
MSRC Reports
Chromium: CVE-2025-11219 Use after free in V8

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/202 5) for more information.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-11219
29 views
MSRC Reports
Chromium: CVE-2025-11206 Heap buffer overflow in Video

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/202 5) for more information.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-11206
25 views
MSRC Reports
Chromium: CVE-2025-11208 Inappropriate implementation in Media

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/202 5) for more information.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-11208
23 views
MSRC Reports
Chromium: CVE-2025-11207 Side-channel information leakage in Storage

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/202 5) for more information.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-11207
21 views
MSRC Reports
Chromium: CVE-2025-11210 Side-channel information leakage in Tab

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/202 5) for more information.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-11210
21 views
MSRC Reports
Chromium: CVE-2025-11213 Inappropriate implementation in Omnibox

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/202 5) for more information.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-11213
20 views
MSRC Reports
Chromium: CVE-2025-11205 Heap buffer overflow in WebGPU

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/202 5) for more information.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-11205
20 views
MSRC Reports
Chromium: CVE-2025-11209 Inappropriate implementation in Omnibox

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/202 5) for more information.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-11209
23 views