Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Microsoft Subscribe
Filtered by product Edge Chromium
Total 217 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2026-21223 1 Microsoft 1 Edge Chromium 2026-02-22 N/A 7.1 HIGH
Improper privilege management in Microsoft Edge (Chromium-based) allows an authorized attacker to bypass a security feature locally.
CVE-2025-65046 1 Microsoft 1 Edge Chromium 2026-02-20 N/A 3.1 LOW
Microsoft Edge (Chromium-based) Spoofing Vulnerability
CVE-2026-0102 1 Microsoft 1 Edge Chromium 2026-02-19 N/A 3.1 LOW
Under specific conditions, a malicious webpage may trigger autofill population after two consecutive taps, potentially without clear or intentional user consent. This could result in disclosure of stored autofill data such as addresses, email, or phone number metadata.
CVE-2026-0391 1 Microsoft 1 Edge Chromium 2026-02-18 N/A 6.5 MEDIUM
User interface (ui) misrepresentation of critical information in Microsoft Edge for Android allows an unauthorized attacker to perform spoofing over a network.
CVE-2025-47964 1 Microsoft 1 Edge Chromium 2026-02-13 N/A 5.4 MEDIUM
Microsoft Edge (Chromium-based) Spoofing Vulnerability
CVE-2025-47963 1 Microsoft 1 Edge Chromium 2026-02-13 N/A 6.3 MEDIUM
No cwe for this issue in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.
CVE-2025-14174 4 Apple, Google, Linux and 1 more 11 Ipados, Iphone Os, Macos and 8 more 2025-12-15 N/A 8.8 HIGH
Out of bounds memory access in ANGLE in Google Chrome on Mac prior to 143.0.7499.110 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)
CVE-2025-62223 1 Microsoft 1 Edge Chromium 2025-12-10 N/A 4.3 MEDIUM
User interface (ui) misrepresentation of critical information in Microsoft Edge for iOS allows an unauthorized attacker to perform spoofing over a network.
CVE-2025-59251 1 Microsoft 1 Edge Chromium 2025-11-20 N/A 7.6 HIGH
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
CVE-2025-60711 1 Microsoft 1 Edge Chromium 2025-11-05 N/A 6.3 MEDIUM
Protection mechanism failure in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.
CVE-2023-6702 3 Fedoraproject, Google, Microsoft 3 Fedora, Chrome, Edge Chromium 2025-11-04 N/A 8.8 HIGH
Type confusion in V8 in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2020-16009 6 Cefsharp, Debian, Fedoraproject and 3 more 8 Cefsharp, Debian Linux, Fedora and 5 more 2025-10-24 6.8 MEDIUM 8.8 HIGH
Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-4135 2 Google, Microsoft 3 Chrome, Edge, Edge Chromium 2025-10-24 N/A 9.6 CRITICAL
Heap buffer overflow in GPU in Google Chrome prior to 107.0.5304.121 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVE-2023-6345 4 Debian, Fedoraproject, Google and 1 more 4 Debian Linux, Fedora, Chrome and 1 more 2025-10-24 N/A 9.6 CRITICAL
Integer overflow in Skia in Google Chrome prior to 119.0.6045.199 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a malicious file. (Chromium security severity: High)
CVE-2023-4762 4 Debian, Fedoraproject, Google and 1 more 4 Debian Linux, Fedora, Chrome and 1 more 2025-10-24 N/A 8.8 HIGH
Type Confusion in V8 in Google Chrome prior to 116.0.5845.179 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)
CVE-2023-4863 9 Bandisoft, Bentley, Debian and 6 more 12 Honeyview, Seequent Leapfrog, Debian Linux and 9 more 2025-10-24 N/A 8.8 HIGH
Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)
CVE-2023-5217 8 Apple, Debian, Fedoraproject and 5 more 11 Ipados, Iphone Os, Debian Linux and 8 more 2025-10-24 N/A 8.8 HIGH
Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2024-7965 2 Google, Microsoft 2 Chrome, Edge Chromium 2025-10-24 N/A 8.8 HIGH
Inappropriate implementation in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2025-5419 2 Google, Microsoft 2 Chrome, Edge Chromium 2025-10-24 N/A 8.8 HIGH
Out of bounds read and write in V8 in Google Chrome prior to 137.0.7151.68 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2025-53791 1 Microsoft 1 Edge Chromium 2025-09-10 N/A 4.7 MEDIUM
Improper access control in Microsoft Edge (Chromium-based) allows an unauthorized attacker to bypass a security feature over a network.