CVE-2025-30397

⚠ KEVEPSS 20.7%

Microsoft Windows Scripting Engine Type Confusion Vulnerability

Added to CISA KEV: 5/13/2025

Description

Microsoft Windows Scripting Engine contains a type confusion vulnerability that allows an unauthorized attacker to execute code over a network via a specially crafted URL.

Affected packages (0)

No package mapping in OSV.