Type Confusion Vulnerability in Microsoft Edge by Microsoft
CVE-2025-49713

8.8HIGH

Key Information:

Vendor: Microsoft
Status: Microsoft Edge (chromium-based)
Vendor: CVE Published:; 2 July 2025

🔔 Create Microsoft Vulnerability Alert

Badges

👾 Exploit Exists📰 News Worthy

What is CVE-2025-49713?

A type confusion vulnerability in Microsoft Edge (Chromium-based) could enable an unauthorized attacker to execute arbitrary code over a network. This occurs when the browser improperly accesses resources using incompatible types, potentially leading to severe security implications. Users are urged to apply available updates to protect against this risk.

Affected Version(s)

Microsoft Edge (Chromium-based) Unknown 1.0.0.0 < 138.0.3351.65

News Articles

CyberSecurityNews

CVE-2025-6554 CVE-2025-49713

Urgent Update: Microsoft Edge Fixes Actively Exploited Chromium Vulnerability

Microsoft has released a critical security update for Edge Stable Channel on July 1, 2025, addressing a severe vulnerability.

2 weeks ago

thmubnail image

CVE-2025-49713 CVE-2025-6554

Microsoft Edge Fixes Actively Exploited Chromium Vulnerability

These vulnerabilities, reported by the Chromium project and Microsoft’s internal security teams, are being actively exploited in the wild

2 weeks ago

thmubnail image

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...

vendor-advisory

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

👾
Exploit known to exist
Jul 3, 2025
📰
First article discovered by Cyber Press
Jul 3, 2025
Vulnerability published
Jul 2, 2025
Vulnerability Reserved
Jun 9, 2025

.

CVE-2025-49713 : Type Confusion Vulnerability in Microsoft Edge by Microsoft