Microsoft has published security advisories for a series of Microsoft Edge (Chromium-based) information disclosure vulnerabilities affecting the browser across multiple release cycles. The referenced issues include CVE-2021-36929, CVE-2023-33145, CVE-2023-36880, CVE-2023-38158, CVE-2024-21423, CVE-2024-29987, CVE-2024-30056, CVE-2024-38103, CVE-2024-38222, CVE-2024-49025, and CVE-2025-49741, all listed by Microsoft as information disclosure vulnerabilities in the Chromium-based Edge browser.
The advisories provide limited public detail, but the volume and recurrence of these CVEs show an ongoing stream of browser security fixes tied to unintended exposure of sensitive information. For defenders, the immediate takeaway is to ensure Microsoft Edge is kept fully updated and to track MSRC guidance for affected versions, as browser-based information disclosure bugs can aid reconnaissance, weaken privacy protections, or support follow-on exploitation when chained with other vulnerabilities.

Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
12 events from the most recent confirmed update back to the earliest known activity.
Microsoft released a Security Update Guide entry for CVE-2025-49741, an information disclosure vulnerability affecting Microsoft Edge (Chromium-based).
Microsoft released a Security Update Guide entry for CVE-2024-49025, an information disclosure vulnerability affecting Microsoft Edge (Chromium-based).
Microsoft released a Security Update Guide entry for CVE-2024-38222, an information disclosure vulnerability affecting Microsoft Edge (Chromium-based).
Microsoft released a Security Update Guide entry for CVE-2024-38103, an information disclosure vulnerability affecting Microsoft Edge (Chromium-based).
Microsoft released a Security Update Guide entry for CVE-2024-30056, an information disclosure vulnerability affecting Microsoft Edge (Chromium-based).
Microsoft released a Security Update Guide entry for CVE-2024-29987, an information disclosure vulnerability affecting Microsoft Edge (Chromium-based).
Microsoft released a Security Update Guide entry for CVE-2024-21423, an information disclosure vulnerability affecting Microsoft Edge (Chromium-based).
Microsoft released a Security Update Guide entry for CVE-2023-38158, an information disclosure vulnerability affecting Microsoft Edge (Chromium-based).
Microsoft published security guidance for CVE-2023-36880, describing an information disclosure vulnerability in Microsoft Edge (Chromium-based).
Microsoft released a Security Update Guide entry for CVE-2023-38174, an information disclosure vulnerability affecting Microsoft Edge (Chromium-based).
Microsoft released a Security Update Guide entry for CVE-2023-33145, an information disclosure vulnerability affecting Microsoft Edge (Chromium-based).
Microsoft released a Security Update Guide entry for CVE-2021-36929, an information disclosure vulnerability affecting Microsoft Edge (Chromium-based).
12 references tracked. Mallory keeps watching after this page renders.
msrc.microsoft.com
Open sourcemsrc.microsoft.com
Open sourcemsrc.microsoft.com
Open sourcemsrc.microsoft.com
Open sourcemsrc.microsoft.com
Open sourceportal.msrc.microsoft.com
Open sourcemsrc.microsoft.com
Open sourcemsrc.microsoft.com
Open sourceMap indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.