Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (227 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-21223 1 Microsoft 1 Edge Chromium 2026-01-16 5.1 Medium
Microsoft Edge Elevation Service exposes a privileged COM interface that inadequately validates the privileges of the calling process. A standard (non‑administrator) local user can invoke the IElevatorEdge interface method LaunchUpdateCmdElevatedAndWait, causing the service to execute privileged update commands as LocalSystem. This allows a non‑administrator to enable or disable Windows Virtualization‑Based Security (VBS) by modifying protected system registry keys under HKLM\SYSTEM\CurrentControlSet\Control\DeviceGuard. Disabling VBS weakens critical platform protections such as Credential Guard, Hypervisor‑protected Code Integrity (HVCI), and the Secure Kernel, resulting in a security feature bypass.
CVE-2025-65046 1 Microsoft 2 Edge, Edge Chromium 2026-01-07 3.1 Low
Microsoft Edge (Chromium-based) Spoofing Vulnerability
CVE-2025-62223 1 Microsoft 1 Edge Chromium 2026-01-07 4.3 Medium
User interface (ui) misrepresentation of critical information in Microsoft Edge for iOS allows an unauthorized attacker to perform spoofing over a network.
CVE-2025-60711 1 Microsoft 1 Edge Chromium 2026-01-02 6.3 Medium
Protection mechanism failure in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.
CVE-2025-59251 1 Microsoft 1 Edge Chromium 2025-12-23 7.6 High
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
CVE-2025-53791 1 Microsoft 1 Edge Chromium 2025-12-23 4.7 Medium
Improper access control in Microsoft Edge (Chromium-based) allows an unauthorized attacker to bypass a security feature over a network.
CVE-2025-47967 2 Google, Microsoft 3 Android, Edge, Edge Chromium 2025-12-23 4.7 Medium
Insufficient ui warning of dangerous operations in Microsoft Edge for Android allows an unauthorized attacker to perform spoofing over a network.
CVE-2024-38083 1 Microsoft 2 Edge, Edge Chromium 2025-12-17 4.3 Medium
Microsoft Edge (Chromium-based) Spoofing Vulnerability
CVE-2024-30058 1 Microsoft 1 Edge Chromium 2025-12-17 5.4 Medium
Microsoft Edge (Chromium-based) Spoofing Vulnerability
CVE-2024-38082 1 Microsoft 2 Edge, Edge Chromium 2025-12-17 4.7 Medium
Microsoft Edge (Chromium-based) Spoofing Vulnerability
CVE-2024-38093 1 Microsoft 2 Edge, Edge Chromium 2025-12-17 4.3 Medium
Microsoft Edge (Chromium-based) Spoofing Vulnerability
CVE-2025-21401 1 Microsoft 1 Edge Chromium 2025-12-17 4.5 Medium
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability
CVE-2025-21408 1 Microsoft 1 Edge Chromium 2025-12-17 8.8 High
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
CVE-2025-21404 1 Microsoft 1 Edge Chromium 2025-12-17 4.3 Medium
Microsoft Edge (Chromium-based) Spoofing Vulnerability
CVE-2025-21283 1 Microsoft 1 Edge Chromium 2025-12-17 6.5 Medium
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
CVE-2025-21279 1 Microsoft 1 Edge Chromium 2025-12-17 6.5 Medium
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
CVE-2025-21267 1 Microsoft 1 Edge Chromium 2025-12-17 4.4 Medium
Microsoft Edge (Chromium-based) Spoofing Vulnerability
CVE-2025-21342 1 Microsoft 1 Edge Chromium 2025-12-17 8.8 High
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
CVE-2025-26643 1 Microsoft 1 Edge Chromium 2025-12-17 5.4 Medium
The UI performs the wrong action in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.
CVE-2025-29806 1 Microsoft 1 Edge Chromium 2025-12-17 6.5 Medium
No cwe for this issue in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.