CVE-2025-29842 | THREATINT

Description

Acceptance of extraneous untrusted data with trusted data in UrlMon allows an unauthorized attacker to bypass a security feature over a network.

Reserved 2025-03-11 | Published 2025-05-13 | Updated 2025-05-29 | Assigner microsoft

HIGH: 7.5CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.0 before 10.0.19045.5854

affected

10.0.20348.0 before 10.0.20348.3692

affected

10.0.25398.0 before 10.0.25398.1611

affected

10.0.26100.0 before 10.0.26100.4061

affected

10.0.17763.0 before 10.0.17763.7314

affected

10.0.26100.0 before 10.0.26100.4061

affected

10.0.19044.0 before 10.0.19044.5854

affected

10.0.22631.0 before 10.0.22631.5335

affected

10.0.14393.0 before 10.0.14393.8066

affected

10.0.10240.0 before 10.0.10240.21014

affected

10.0.22621.0 before 10.0.22621.5335

affected

10.0.14393.0 before 10.0.14393.8066

affected

10.0.14393.0 before 10.0.14393.8066

affected

10.0.17763.0 before 10.0.17763.7314

affected

10.0.17763.0 before 10.0.17763.7314

affected

10.0.26100.0 before 10.0.26100.4061

affected

10.0.22631.0 before 10.0.22631.5335

affected

msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29842 (UrlMon Security Feature Bypass Vulnerability) vendor-advisory

Download JSON