Microsoft has published Security Update Guide entries for two Microsoft Edge (Chromium-based) remote code execution flaws, CVE-2025-21342 and CVE-2022-21931. Both advisories identify the same impact category—remote code execution in the browser—indicating that successful exploitation could allow malicious code to run in the context of the targeted Edge process.
The disclosures show Microsoft continuing to track and remediate serious browser security issues affecting its Chromium-based Edge platform through formal update guidance. Organizations using Microsoft Edge should review the relevant Security Update Guide entries for affected versions and apply available browser updates promptly, as RCE flaws in web browsers can be triggered through malicious web content and pose a direct risk to enterprise endpoints.

Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
2 events from the most recent confirmed update back to the earliest known activity.
Microsoft released a Security Update Guide entry for CVE-2025-21342, a remote code execution vulnerability affecting Microsoft Edge (Chromium-based).
Microsoft released a Security Update Guide entry for CVE-2022-21931, a remote code execution vulnerability affecting Microsoft Edge (Chromium-based).
2 references tracked. Mallory keeps watching after this page renders.
msrc.microsoft.com
Open sourcemsrc.microsoft.com
Open sourceMap indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.