CVE-2025-59251

Published: Sep 24, 2025Modified: Nov 20, 2025

7.6

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L

Exploitability: 2.1 / Impact: 5.5

Source: secure@microsoft.com (Secondary)

Description

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

Affected (1)

Products: Microsoft: Edge Chromium

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Microsoft Edge Chromium	Before 140.0.3485.81

Related CWEs

Stack-based Buffer Overflow

A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).

Improper Control of Generation of Code ('Code Injection')

The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

References (1)

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59251

Source: secure@microsoft.com

Vendor Advisory

Timeline

No history available yet.