Shodan
Vulnerabilities
Vulnerable Software
Microsoft:  >> Edge Chromium  >> 102.0.1245.33  Security Vulnerabilities
CVE-2026-21223
Microsoft Edge Elevation Service exposes a privileged COM interface that inadequately validates the privileges of the calling process. A standard (non‑administrator) local user can invoke the IElevatorEdge interface method LaunchUpdateCmdElevatedAndWait, causing the service to execute privileged update commands as LocalSystem. This allows a non‑administrator to enable or disable Windows Virtualization‑Based Security (VBS) by modifying protected system registry keys under HKLM\SYSTEM\CurrentControlSet\Control\DeviceGuard. Disabling VBS weakens critical platform protections such as Credential Guard, Hypervisor‑protected Code Integrity (HVCI), and the Secure Kernel, resulting in a security feature bypass.
CVSS Score
5.1
EPSS Score
0.0
Published
2026-01-16
CVE-2025-14174
Known exploited
Out of bounds memory access in ANGLE in Google Chrome on Mac prior to 143.0.7499.110 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)
CVSS Score
8.8
EPSS Score
0.006
Published
2025-12-12
CVE-2025-62223
User interface (ui) misrepresentation of critical information in Microsoft Edge for iOS allows an unauthorized attacker to perform spoofing over a network.
CVSS Score
4.3
EPSS Score
0.0
Published
2025-12-05
CVE-2025-60711
Protection mechanism failure in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.
CVSS Score
6.3
EPSS Score
0.001
Published
2025-10-31
CVE-2025-59251
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
CVSS Score
7.6
EPSS Score
0.001
Published
2025-09-24
CVE-2025-53791
Improper access control in Microsoft Edge (Chromium-based) allows an unauthorized attacker to bypass a security feature over a network.
CVSS Score
4.7
EPSS Score
0.0
Published
2025-09-05
CVE-2025-47963
No cwe for this issue in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.
CVSS Score
6.3
EPSS Score
0.001
Published
2025-07-11
CVE-2025-47964
Microsoft Edge (Chromium-based) Spoofing Vulnerability
CVSS Score
5.4
EPSS Score
0.0
Published
2025-07-11
CVE-2025-47182
Improper input validation in Microsoft Edge (Chromium-based) allows an authorized attacker to bypass a security feature locally.
CVSS Score
5.6
EPSS Score
0.001
Published
2025-07-11
CVE-2025-49713
Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.
CVSS Score
8.8
EPSS Score
0.004
Published
2025-07-02


Products
Pricing
Contact Us

Shodan ® - All rights reserved