Remote Code Execution Vulnerability in Microsoft Edge by Microsoft
CVE-2025-59251

7.6HIGH

Key Information:

Vendor: Microsoft
Status: Microsoft Edge (chromium-based)
Vendor: CVE Published:; 24 September 2025

What is CVE-2025-59251?

A remote code execution vulnerability exists in Microsoft Edge (Chromium-based) that could allow an attacker to execute arbitrary code on a user's system. This can be triggered by processing specially crafted web content. Successful exploitation could result in an attacker gaining the same user rights as the logged-on user. It's vital to update to the latest version to mitigate any potential risks associated with this vulnerability.

Affected Version(s)

Microsoft Edge (Chromium-based) Unknown 1.0.0.0 < 140.0.3485.81

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...

vendor-advisory

CVSS V3.1

Score:

7.6

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 24, 2025
Vulnerability Reserved
Sep 11, 2025

JSON