The short answer: Microsoft documents Chromium-assigned CVEs in the Security Update Guide because Microsoft Edge (the Chromium-based Edge) consumes Chromium OSS. MSRC adds those CVE entries to show customers the vendor-of-origin (Chrome/Chromium) information and to indicate whether the current...
