CVE-2025-21396: Microsoft Account Elevation of Privilege Vulnerability

CVE-2025-21415: Azure AI Face Service Elevation of Privilege Vulnerability

CVE-2025-0612: Chromium: CVE-2025-0611 Object corruption in V8

CVE-2025-0611: Chromium: CVE-2025-0612 Out of bounds memory access in V8

CVE-2025-21262: Microsoft Edge (Chromium-based) Spoofing Vulnerability

**How could an attacker exploit this vulnerability?**

An attacker would need to convince a targeted user to load a Windows Themes file on a vulnerable system with access to an attacker-controlled SMB share.

Headline

CVE-2023-38146: Windows Themes Remote Code Execution Vulnerability

Microsoft Security Response Center: Latest News