Microsoft Edge Fixes Actively Exploited Chromium Flaw — Update Immediately

Microsoft has released a critical security update for its Edge browser, addressing a high-severity vulnerability in the Chromium engine that is currently being exploited in the wild.

The update, available in Microsoft Edge Stable Channel Version 138.0.3351.65, patches CVE-2025-6554—a flaw that security experts urge all users to remediate without delay.

CVE-2025-6554 is a type confusion vulnerability found in the V8 JavaScript engine, the core component responsible for processing JavaScript in Chromium-based browsers such as Edge and Chrome.

Type confusion occurs when a program incorrectly assumes the type of an object, allowing attackers to access memory or execute code in unintended ways.

In this case, a remote attacker can exploit the flaw by tricking users into visiting a malicious website, which can then execute arbitrary code on ...