#Security Vulnerability

**Why are there no links to an update or instructions with steps that must be taken to protect from this vulnerability?** This vulnerability has already been fully mitigated by Microsoft. There is no action for users of this service to take. The purpose of this CVE is to provide further transparency. Please see Toward greater transparency: Unveiling Cloud Service CVEs for more information.

**What is the version information for this release?** Microsoft Edge Version Date Released Based on Chromium Version 139.0.3405.102 8/15/2025 139.0.7258.127/.128

**What is the version information for this release?** Microsoft Edge Version Date Released Based on Chromium Version 139.0.3405.102 8/15/2025 139.0.7258.127/.128

**What is the version information for this release?** Microsoft Edge Version Date Released Based on Chromium Version 139.0.3405.102 8/15/2025 139.0.7258.127/.128

**What is the version information for this release?** Microsoft Edge Version Date Released Based on Chromium Version 139.0.3405.102 8/15/2025 139.0.7258.127/.128

**What is the version information for this release?** Microsoft Edge Version Date Released Based on Chromium Version 139.0.3405.102 8/15/2025 139.0.7258.127/.128

**What type of information could be disclosed by this vulnerability?** System internal configuration could be disclosed by this vulnerability.

**What privileges could be gained by an attacker who successfully exploited the vulnerability?** The attacker would gain the rights of the user that is running the affected application.

Improper access control in Azure Virtual Machines allows an authorized attacker to perform spoofing locally.

User interface (ui) misrepresentation of critical information in Microsoft Edge for Android allows an unauthorized attacker to perform spoofing over a network.