CVE-2025-49736: Microsoft Edge (Chromium-based) for Android Spoofing Vulnerability

CVE-2025-50155: Windows Push Notifications Apps Elevation of Privilege Vulnerability

CVE-2025-50157: Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability

CVE-2025-53769: Windows Security App Spoofing Vulnerability

CVE-2025-53766: GDI+ Remote Code Execution Vulnerability

Access of resource using incompatible type ('type confusion') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.

Headline

CVE-2025-50155: Windows Push Notifications Apps Elevation of Privilege Vulnerability

Microsoft Security Response Center: Latest News