CVE-2025-8882: Chromium: CVE-2025-8882 Use after free in Aura

CVE-2025-8881: Chromium: CVE-2025-8881 Inappropriate implementation in File Picker

CVE-2025-8880: Chromium: CVE-2025-8880 Race in V8

CVE-2025-8901: Chromium: CVE-2025-8901 Out of bounds write in ANGLE

CVE-2025-8879: Chromium: CVE-2025-8879 Heap buffer overflow in libaom

**According to the CVSS metric, attack vector is (AV:N) and user interaction is none (UI:N). What does that mean for this vulnerability?**

This can happen without user intervention. An attacker can use an uninitialized function pointer being called when decoding a JPEG image. This can be embedded in Office and 3rd party documents/files

Headline

CVE-2025-50165: Windows Graphics Component Remote Code Execution Vulnerability

Microsoft Security Response Center: Latest News