Edge Chromium Microsoft Edge Chromium

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in Microsoft Edge Chromium.

By the Year

In 2025 there have been 12 vulnerabilities in Microsoft Edge Chromium with an average score of 6.6 out of ten. Last year, in 2024 Edge Chromium had 44 security vulnerabilities published. Right now, Edge Chromium is on track to have less security vulnerabilities in 2025 than it did last year. However, the average CVE base score of the vulnerabilities in 2025 is greater by 0.09.




Year Vulnerabilities Average Score
2025 12 6.56
2024 44 6.47
2023 58 6.64
2022 34 7.14
2021 49 7.59
2020 1 8.80
2019 0 0.00
2018 0 0.00

It may take a day or so for new Edge Chromium vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Microsoft Edge Chromium Security Vulnerabilities

Out of bounds read and write in V8 in Google Chrome prior to 137.0.7151.68

CVE-2025-5419 - June 03, 2025

Out of bounds read and write in V8 in Google Chrome prior to 137.0.7151.68 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

No cwe for this issue in Microsoft Edge (Chromium-based)

CVE-2025-29806 6.5 - Medium - March 23, 2025

No cwe for this issue in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

Object Type Confusion

The UI performs the wrong action in Microsoft Edge (Chromium-based)

CVE-2025-26643 5.4 - Medium - March 07, 2025

The UI performs the wrong action in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.

The UI Performs the Wrong Action

Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability

CVE-2025-21401 4.5 - Medium - February 15, 2025

Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability

Open Redirect

Microsoft Edge (Chromium-based) Spoofing Vulnerability

CVE-2025-21267 4.4 - Medium - February 06, 2025

Microsoft Edge (Chromium-based) Spoofing Vulnerability

Improperly Implemented Security Check for Standard

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

CVE-2025-21279 8.8 - High - February 06, 2025

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

Object Type Confusion

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

CVE-2025-21283 8.8 - High - February 06, 2025

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

Insufficient Granularity of Address Regions Protected by Register Locks

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

CVE-2025-21342 8.8 - High - February 06, 2025

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

Object Type Confusion

Microsoft Edge (Chromium-based) Spoofing Vulnerability

CVE-2025-21404 4.3 - Medium - February 06, 2025

Microsoft Edge (Chromium-based) Spoofing Vulnerability

The UI Performs the Wrong Action

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

CVE-2025-21408 8.8 - High - February 06, 2025

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

Object Type Confusion

User Interface (UI) Misrepresentation of Critical Information in Microsoft Edge (Chromium-based)

CVE-2025-21262 5.4 - Medium - January 24, 2025

User Interface (UI) Misrepresentation of Critical Information in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network

User Interface (UI) Misrepresentation of Critical Information

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

CVE-2025-21185 6.5 - Medium - January 17, 2025

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

Authorization

Microsoft Edge (Chromium-based) Spoofing Vulnerability

CVE-2024-49041 4.3 - Medium - December 06, 2024

Microsoft Edge (Chromium-based) Spoofing Vulnerability

The UI Performs the Wrong Action

Microsoft Edge (Chromium-based) Spoofing Vulnerability

CVE-2024-49054 - November 22, 2024

Microsoft Edge (Chromium-based) Spoofing Vulnerability

Insufficient UI Warning of Dangerous Operations

Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

CVE-2024-49025 4.3 - Medium - November 14, 2024

Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

Privacy violation

Microsoft Edge (Chromium-based) Spoofing Vulnerability

CVE-2024-43577 4.3 - Medium - October 18, 2024

Microsoft Edge (Chromium-based) Spoofing Vulnerability

The UI Performs the Wrong Action

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

CVE-2024-49023 5.3 - Medium - October 18, 2024

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

Dangling pointer

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

CVE-2024-43566 9.8 - Critical - October 17, 2024

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

Integer Overflow or Wraparound

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

CVE-2024-43578 8.3 - High - October 17, 2024

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

Heap-based Buffer Overflow

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

CVE-2024-43579 8.3 - High - October 17, 2024

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

Heap-based Buffer Overflow

Microsoft Edge (Chromium-based) Spoofing Vulnerability

CVE-2024-43580 5.4 - Medium - October 17, 2024

Microsoft Edge (Chromium-based) Spoofing Vulnerability

Insufficient UI Warning of Dangerous Operations

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

CVE-2024-43587 8.1 - High - October 17, 2024

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

Heap-based Buffer Overflow

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

CVE-2024-43595 8.8 - High - October 17, 2024

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

CVE-2024-43596 8.8 - High - October 17, 2024

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

Object Type Confusion

Microsoft Edge (Chromium-based) Spoofing Vulnerability

CVE-2024-38221 4.3 - Medium - September 19, 2024

Microsoft Edge (Chromium-based) Spoofing Vulnerability

XSS

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

CVE-2024-43489 8.8 - High - September 19, 2024

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

Object Type Confusion

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

CVE-2024-43496 8.8 - High - September 19, 2024

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

Memory Corruption

Microsoft Edge (HTML-based) Memory Corruption Vulnerability

CVE-2024-38207 6.3 - Medium - August 23, 2024

Microsoft Edge (HTML-based) Memory Corruption Vulnerability

Memory Corruption

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

CVE-2024-38209 7.8 - High - August 22, 2024

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

Object Type Confusion

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

CVE-2024-38210 7.8 - High - August 22, 2024

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

Out-of-bounds Read

Inappropriate implementation in V8 in Google Chrome prior to 128.0.6613.84

CVE-2024-7965 8.8 - High - August 21, 2024

Inappropriate implementation in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Memory Corruption

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

CVE-2024-43472 8.3 - High - August 16, 2024

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

Dangling pointer

Microsoft Edge (HTML-based) Memory Corruption Vulnerability

CVE-2024-38218 7.8 - High - August 12, 2024

Microsoft Edge (HTML-based) Memory Corruption Vulnerability

Memory Corruption

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

CVE-2024-38219 9 - Critical - August 12, 2024

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

Object Type Confusion

Microsoft Edge (Chromium-based) Spoofing Vulnerability

CVE-2024-38083 4.3 - Medium - June 13, 2024

Microsoft Edge (Chromium-based) Spoofing Vulnerability

Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

CVE-2024-30056 5.4 - Medium - May 25, 2024

Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

Microsoft Edge (Chromium-based) Spoofing Vulnerability

CVE-2024-30055 5.4 - Medium - May 14, 2024

Microsoft Edge (Chromium-based) Spoofing Vulnerability

Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability

CVE-2024-29991 5 - Medium - April 19, 2024

Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability

Microsoft Edge for Android (Chromium-based) Information Disclosure Vulnerability

CVE-2024-29986 5.4 - Medium - April 18, 2024

Microsoft Edge for Android (Chromium-based) Information Disclosure Vulnerability

Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

CVE-2024-29987 - April 18, 2024

Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

Microsoft Edge (Chromium-based) Webview2 Spoofing Vulnerability

CVE-2024-29049 4.7 - Medium - April 04, 2024

Microsoft Edge (Chromium-based) Webview2 Spoofing Vulnerability

XSS

Microsoft Edge (Chromium-based) Spoofing Vulnerability

CVE-2024-29981 4.3 - Medium - April 04, 2024

Microsoft Edge (Chromium-based) Spoofing Vulnerability

Clickjacking

Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability

CVE-2024-26163 4.7 - Medium - March 14, 2024

Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability

Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

CVE-2024-26192 8.2 - High - February 23, 2024

Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

CVE-2024-21423 4.8 - Medium - February 23, 2024

Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

CVE-2024-21399 8.3 - High - February 02, 2024

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

CVE-2024-21388 6.5 - Medium - January 30, 2024

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

Microsoft Edge (Chromium-based) Spoofing Vulnerability

CVE-2024-21336 2.5 - Low - January 26, 2024

Microsoft Edge (Chromium-based) Spoofing Vulnerability

Microsoft Edge (Chromium-based) Spoofing Vulnerability

CVE-2024-21383 3.3 - Low - January 26, 2024

Microsoft Edge (Chromium-based) Spoofing Vulnerability

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

CVE-2024-21326 9.6 - Critical - January 26, 2024

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Microsoft Edge Chromium or by Microsoft? Click the Watch button to subscribe.

Microsoft
Vendor

subscribe