Type Confusion Vulnerability in Microsoft Edge by Microsoft
CVE-2025-49713

8.8HIGH

Key Information:

Vendor: Microsoft
Status: Microsoft Edge (chromium-based)
Vendor: CVE Published:; 2 July 2025

What is CVE-2025-49713?

A type confusion vulnerability in Microsoft Edge (Chromium-based) could enable an unauthorized attacker to execute arbitrary code over a network. This occurs when the browser improperly accesses resources using incompatible types, potentially leading to severe security implications. Users are urged to apply available updates to protect against this risk.

Affected Version(s)

Microsoft Edge (Chromium-based) Unknown 1.0.0.0 < 138.0.3351.65

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...

vendor-advisory

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 2, 2025
Vulnerability Reserved
Jun 9, 2025