CVE-2025-21415: Azure AI Face Service Elevation of Privilege Vulnerability

CVE-2025-21396: Microsoft Account Elevation of Privilege Vulnerability

CVE-2025-0612: Chromium: CVE-2025-0611 Object corruption in V8

CVE-2025-0611: Chromium: CVE-2025-0612 Out of bounds memory access in V8

CVE-2025-21262: Microsoft Edge (Chromium-based) Spoofing Vulnerability

**According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?**

An attacker would have to convince the user to load a malicious file onto a vulnerable system, typically by way of an enticement in an Email or Instant Messenger message, and then convince the user to manipulate the specially crafted file, but not necessarily click or open the malicious file.

Headline

CVE-2024-38030: Windows Themes Spoofing Vulnerability

Microsoft Security Response Center: Latest News