CVE-2025-53791

Published Sep 5, 2025

Last updated 8 months ago

CVSS medium 4.7

Overview

Description
Improper access control in Microsoft Edge (Chromium-based) allows an unauthorized attacker to bypass a security feature over a network.
Source
secure@microsoft.com
NVD status
Analyzed
Products
edge_chromium

Risk scores

CVSS 3.1

Type
Primary
Base score
4.7
Impact score
2.7
Exploitability score
1.6
Vector string
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N
Severity
MEDIUM

Weaknesses

secure@microsoft.com
CWE-284
nvd@nist.gov
NVD-CWE-noinfo

Social media

Hype score
Not currently trending

  1. 🔒 Heads up, Windows admins! CVE-2025-53791 lets sneaky hackers bypass Edge's security features. Time to patch up and keep those browsers locked down tighter than your grandma's cookie jar! #WindowsForum #EdgeSecurity #PatchItUp https://t.co/yB0yoc66D2

    @windowsforum

    5 Sept 2025

    26 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

Configurations

Related CVEs

  1. Microsoft Edge (Chromium-based) Spoofing VulnerabilityCVE-2026-33118
  2. Microsoft Edge (Chromium-based) for Android Spoofing VulnerabilityCVE-2026-0385
  3. Under specific conditions, a malicious webpage may trigger autofill population after two consecutive taps, potentially without clear or intentional user consent. This could result in disclosure of stored autofill data such as addresses, email, or phone number metadata.CVE-2026-0102
  4. User interface (ui) misrepresentation of critical information in Microsoft Edge for Android allows an unauthorized attacker to perform spoofing over a network.CVE-2026-0391
  5. Improper privilege management in Microsoft Edge (Chromium-based) allows an authorized attacker to bypass a security feature locally.CVE-2026-21223

References

Sources include official advisories and independent security research.