CVE-2025-30397

Name of the Vulnerable Software and Affected Versions Microsoft Scripting Engine (affected versions not specified)

Description The issue is related to a type confusion vulnerability in the Microsoft Scripting Engine, which allows an unauthorized attacker to execute code over a network. This can be achieved by exploiting the vulnerability when a user visits a malicious webpage, particularly in Microsoft Edge or Internet Explorer mode. The vulnerability has been actively exploited in the wild.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.