THREAT OPS › CVEs › CVE-2025-30397
CVE-2025-30397 — Microsoft Windows Scripting Engine Type Confusion Vulnerability
Microsoft Windows Scripting Engine contains a type confusion vulnerability that allows an unauthorized attacker to execute code over a network via a specially crafted URL.
Vulnerability details
- Affected productsWindows
- KEV remediation due2025-06-03