Microsoft’s advisory classifies CVE-2025-54901 as a buffer over-read (out‑of‑bounds read) in Microsoft Office Excel that can disclose process memory contents when a crafted spreadsheet is opened.
Executive summary
What it is: CVE-2025-54901 is an information‑disclosure vulnerability in...
A newly disclosed vulnerability in Windows Routing and Remote Access Service (RRAS) — tracked as CVE-2025-53806 in the Microsoft Security Response Center entry provided by the reporter — is an out‑of‑bounds read / buffer over‑read that can allow an attacker to obtain memory contents from an...
Microsoft’s Security Response Center lists CVE-2025-54095 as an out-of-bounds read in the Windows Routing and Remote Access Service (RRAS) that can disclose memory contents to a remote attacker over the network. (msrc.microsoft.com)
Background / Overview
Routing and Remote Access Service (RRAS)...