Skip to main content
CVE-2025-8043 CRITICAL POC PATCH Act Now

Firefox and Thunderbird URL truncation flaw enables spoofing attacks by displaying misleading origins in the address bar. Affects all Firefox versions prior to 141 and corresponding Thunderbird releases. Attackers can craft URLs that hide the true destination, tricking users into visiting malicious sites. Publicly available exploit code exists. CVSS 9.8 critical rating reflects network-based attack requiring no authentication, though real-world exploitation requires social engineering (user interaction despite UI:N vector).

Mozilla Information Disclosure Thunderbird Red Hat Suse
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-4285 CRITICAL Act Now

SQL injection in Rolantis Information Technologies Agentis versions prior to 4.32 allows remote unauthenticated attackers to inject arbitrary SQL commands with scope change, enabling full compromise of confidentiality, integrity, and availability (CVSS 10.0). The flaw was reported by Turkey's national CERT (USOM) and carries no public exploit identified at time of analysis, though the maximum CVSS score and trivial attack profile make this a high-priority patch despite the modest EPSS of 0.24%.

SQLi
NVD VulDB
CVSS 3.1
10.0
EPSS
0.2%
CVE-2025-8044 CRITICAL PATCH Act Now

Memory corruption in Firefox 140 and Thunderbird 140 enables remote code execution without authentication. Mozilla confirmed multiple memory safety bugs with evidence of corruption, collectively presumed exploitable for arbitrary code execution. Fixed in Firefox 141 and Thunderbird 141. CVSS 9.8 critical severity with network-accessible attack vector requiring no user interaction. EPSS data not provided; no public exploit identified at time of analysis.

Mozilla RCE Buffer Overflow Thunderbird Red Hat +1
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-8038 CRITICAL PATCH Act Now

Frame navigation validation bypass in Mozilla Firefox and Thunderbird allows unauthenticated remote attackers to violate security boundaries due to improper path checking (CWE-345). Affects Firefox <141, Firefox ESR <140.1, Thunderbird <141, and Thunderbird ESR <140.1. The CVSS 9.8 critical score reflects network-based exploitation with no user interaction required, enabling potential unauthorized access, data manipulation, and service disruption. No public exploit identified at time of analysis, though the network attack vector (AV:N) and low complexity (AC:L) suggest straightforward exploitation once technical details emerge.

Mozilla Information Disclosure Thunderbird Red Hat Suse
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-8031 CRITICAL PATCH Act Now

HTTP Basic Authentication credentials leak in Mozilla Firefox and Thunderbird via Content Security Policy (CSP) violation reports affects all versions prior to Firefox 141, Firefox ESR 128.13/140.1, and Thunderbird 141/128.13/140.1. When CSP violations occur on pages using HTTP Basic Auth, the browser incorrectly includes username:password in the violation report URL sent to the CSP report endpoint, exposing credentials to potentially untrusted third parties. With CVSS 9.8 and network-based unauthenticated attack vector (AV:N/AC:L/PR:N), this represents a critical credential disclosure vulnerability, though no public exploit or active exploitation (non-KEV) is confirmed at time of analysis.

Mozilla Privilege Escalation Thunderbird Red Hat Suse
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-8028 CRITICAL PATCH Act Now

WebAssembly JIT compiler on ARM64 architectures incorrectly calculates branch addresses when processing WASM br_table instructions with numerous entries, enabling remote code execution in Firefox <141, Firefox ESR <115.26/128.13/140.1, and Thunderbird <141/128.13/140.1. The vulnerability requires no authentication or user interaction (CVSS AV:N/AC:L/PR:N/UI:N), allowing network-based attackers to potentially execute arbitrary code through malicious WASM content. Vendor-released patches are available across all affected product lines. No public exploit identified at time of analysis, though the CVSS 9.8 critical rating reflects the theoretical severity of unauthenticated remote code execution.

Mozilla Information Disclosure Thunderbird Red Hat Suse
NVD
CVSS 3.1
9.8
EPSS
0.2%
CVE-2025-7950 MEDIUM POC This Month

A vulnerability was found in code-projects Public Chat Room 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /login.php. The manipulation of the argument Username leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

PHP SQLi Public Chat Room
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.1%
CVE-2025-8037 CRITICAL PATCH Act Now

Cookie shadowing in Mozilla Firefox (versions prior to 141 and ESR prior to 140.1) and Thunderbird (versions prior to 141 and ESR prior to 140.1) allows remote unauthenticated attackers to bypass Secure cookie protections and access or modify session data. A nameless cookie containing an equals sign set over insecure HTTP can override cookies with the Secure attribute, enabling session hijacking or authentication bypass. No public exploit identified at time of analysis, though the attack complexity is low (CVSS AC:L) with network-based attack vector requiring no user interaction.

Mozilla Information Disclosure Thunderbird Red Hat Suse
NVD
CVSS 3.1
9.1
EPSS
0.0%
CVE-2025-8040 HIGH PATCH This Week

Memory corruption in Mozilla Firefox 140 and Thunderbird 140 (including ESR versions) allows remote code execution when users interact with malicious web content. Affected versions include Firefox ESR 140.0, Firefox 140, Thunderbird ESR 140.0, and Thunderbird 140. With CVSS 8.8 and requiring only user interaction (no authentication), this represents a significant threat to enterprise and consumer users. No public exploit identified at time of analysis, though Mozilla confirmed memory corruption evidence suggesting exploitability with sufficient attacker effort. Vendor-released patches available in Firefox 141, Firefox ESR 140.1, Thunderbird 141, and Thunderbird 140.1.

Mozilla RCE Buffer Overflow Thunderbird Red Hat +1
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-8035 HIGH PATCH This Week

Remote code execution in Mozilla Firefox (ESR 128.12, 140.0, Firefox 140) and Thunderbird (ESR 128.12, 140.0, Thunderbird 140) allows unauthenticated remote attackers to execute arbitrary code via memory corruption vulnerabilities classified as buffer overflow (CWE-119). User interaction is required. Mozilla has released patches for all affected products (Firefox 141, ESR 128.13, ESR 140.1, Thunderbird 141, 128.13, 140.1). No public exploit identified at time of analysis, though CVSS score of 8.8 reflects high severity with complete compromise potential.

Mozilla RCE Buffer Overflow Thunderbird Red Hat +1
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-8034 HIGH PATCH This Week

Remote code execution in Mozilla Firefox (ESR 115.x through 115.25, 128.x through 128.12, 140.0, regular 140) and Thunderbird (ESR 128.12, 140.0, regular 140) via memory safety bugs (CWE-119 buffer overflow). Attackers can execute arbitrary code by delivering crafted web content that triggers memory corruption when a user interacts with malicious pages or emails. CVSS 8.8 (High) reflects network-based attack requiring user interaction but no authentication. Vendor-released patches available: Firefox 141, Firefox ESR 115.26/128.13/140.1, Thunderbird 141/128.13/140.1. EPSS data not provided; no public exploit identified at time of analysis, though Mozilla notes evidence of memory corruption suggesting exploitability with effort.

Mozilla RCE Buffer Overflow Thunderbird Red Hat +1
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-8039 HIGH PATCH This Week

Search term leakage in Mozilla Firefox and Thunderbird URL bars exposes sensitive user queries to unauthorized parties when URLs are shared or logged. Firefox versions prior to 141 (regular) and 140.1 (ESR), and Thunderbird versions prior to 141 (regular) and 140.1 (ESR) fail to properly clear search parameters from the URL bar after navigation, enabling information disclosure through shoulder surfing, screenshot sharing, browser history exports, or URL-based tracking. No public exploit identified at time of analysis, though the attack requires only user interaction (EPSS data not provided). CVSS 8.1 reflects high confidentiality and integrity impact despite requiring user interaction.

Mozilla Information Disclosure Thunderbird Red Hat Suse
NVD
CVSS 3.1
8.1
EPSS
0.1%
CVE-2025-8036 HIGH PATCH This Week

DNS rebinding attacks can bypass Cross-Origin Resource Sharing (CORS) protections in Mozilla Firefox and Thunderbird due to improper cache invalidation of CORS preflight responses when target IP addresses change. Remote attackers can exploit this via malicious websites to access confidential cross-origin data without user authentication (CVSS: PR:N, UI:R). No public exploit identified at time of analysis, though CERT VU#652514 provides technical disclosure. EPSS data not provided, but the combination of network-accessible attack vector, low complexity, and no required privileges warrants attention for organizations using affected Mozilla products.

Mozilla Information Disclosure Thunderbird Red Hat Suse
NVD
CVSS 3.1
8.1
EPSS
0.1%
CVE-2025-8032 HIGH PATCH This Week

Content Security Policy bypass in Mozilla Firefox and Thunderbird allows remote attackers to circumvent CSP protections via maliciously crafted XSLT documents. The flaw affects Firefox versions prior to 141 and Firefox ESR prior to 128.13/140.1, as well as Thunderbird versions prior to 141 and Thunderbird ESR prior to 128.13/140.1. Attack requires user interaction (visiting a malicious site or opening a malicious email) but no authentication. With CVSS 8.1 (High severity) and documented in six separate Mozilla security advisories, this CSP bypass enables high-impact confidentiality and integrity violations, though no public exploit or active exploitation has been identified at time of analysis.

Mozilla Authentication Bypass Thunderbird Red Hat Suse
NVD
CVSS 3.1
8.1
EPSS
0.1%
CVE-2025-8030 HIGH PATCH This Week

Firefox and Thunderbird's 'Copy as cURL' feature improperly escapes shell metacharacters, allowing remote attackers to trick users into executing arbitrary commands when pasting copied network requests into a terminal. Affects Firefox <141, Firefox ESR <128.13/140.1, and Thunderbird <141, <128.13/140.1. Vendor-released patches available across all affected branches. CVSS 8.1 with network attack vector requiring user interaction; no public exploit identified at time of analysis. EPSS data not provided but social engineering dependency limits automated exploitation risk.

Mozilla RCE Code Injection Thunderbird Red Hat +1
NVD
CVSS 3.1
8.1
EPSS
0.1%
CVE-2025-8029 HIGH PATCH This Week

Mozilla Firefox and Thunderbird execute JavaScript via crafted object/embed tags, enabling remote attackers to achieve high-impact XSS without authentication. Affects Firefox <141, Firefox ESR <128.13/<140.1, and Thunderbird <141/128.13/140.1. Users must visit a malicious page (UI:R), but attack complexity is low (AC:L) and no privileges required (PR:N). Vendor-released patches available across all affected product lines. No public exploit identified at time of analysis, though the attack surface is broad given browser/email client ubiquity.

Mozilla XSS Thunderbird Red Hat Suse
NVD
CVSS 3.1
8.1
EPSS
0.1%
CVE-2025-7952 LOW POC Monitor

Command injection in TOTOLINK T6 firmware 4.1.5cu.748 allows authenticated remote attackers to execute arbitrary commands via the ckeckKeepAlive function in the MQTT Packet Handler component (wireless.so). The vulnerability requires valid user credentials and network access but results only in low confidentiality, integrity, and availability impact. Publicly available exploit code exists, though the CVSS 2.1 score and EPSS 3.01% indicate low practical exploitation probability despite public disclosure.

Command Injection T6 Firmware
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
3.0%
CVE-2025-8033 MEDIUM PATCH This Month

Null pointer dereference in Firefox and Thunderbird JavaScript engines allows remote attackers to cause denial of service via malformed closed generator objects. The vulnerability affects Firefox versions below 141, Firefox ESR versions below 115.26/128.13/140.1, Thunderbird versions below 141/128.13/140.1, and is triggered when a user visits a malicious webpage or opens a crafted email containing JavaScript that improperly resumes a closed generator. While the CVSS score is 6.5 (medium-high), the impact is limited to availability-no information disclosure or code execution is possible.

Mozilla Denial Of Service Null Pointer Dereference Thunderbird Red Hat +1
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-8027 MEDIUM PATCH This Month

Information disclosure in Mozilla Firefox and Thunderbird on 64-bit platforms allows remote attackers to leak sensitive memory contents via specially crafted web content. The IonMonkey JIT compiler writes only 32 bits of the 64-bit return value space on the stack, while the Baseline JIT reads the entire 64 bits, exposing uninitialized stack memory. Exploitation requires user interaction (UI:R) and no authentication. Fixes are available: Firefox 141+, Firefox ESR 115.26+, Firefox ESR 128.13+, Firefox ESR 140.1+, Thunderbird 141+, Thunderbird 128.13+, and Thunderbird 140.1+.

Mozilla Information Disclosure Thunderbird Red Hat Suse
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-8015 MEDIUM This Month

Stored Cross-Site Scripting in WP Shortcodes Plugin - Shortcodes Ultimate allows authenticated attackers with Author-level access to inject arbitrary JavaScript through insufficiently sanitized 'Title' and 'Slide link' fields in image uploads, affecting all versions up to 7.4.2. The injected scripts execute in the context of any user viewing affected pages, enabling session hijacking, credential theft, or malware distribution. No public exploit code has been identified at time of analysis, but the vulnerability requires only standard WordPress Author privileges and network access to exploit.

WordPress XSS
NVD
CVSS 3.1
6.4
EPSS
0.0%
CVE-2025-4284 MEDIUM This Month

Reflected and DOM-Based Cross-Site Scripting in Rolantis Information Technologies Agentis (all versions before 4.32) allows remote unauthenticated attackers to inject and execute arbitrary JavaScript in a victim's browser session when the victim is tricked into clicking a crafted URL. The Scope:Changed vector indicates injected script executes in the context of a different security origin than the vulnerable component. No public exploit code has been identified and EPSS sits at 0.17% (38th percentile), consistent with an unweaponized, newly disclosed web application flaw reported by Turkey's national CERT (USOM).

XSS
NVD VulDB
CVSS 3.1
6.1
EPSS
0.2%
CVE-2025-7947 LOW POC Monitor

Improper authorization in jshERP up to version 3.5 allows authenticated remote attackers to modify or delete user accounts via manipulation of the ID parameter in the /user/delete endpoint, potentially resulting in unauthorized account manipulation and information disclosure. Publicly available exploit code exists for this vulnerability.

Information Disclosure Jsherp
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.1%
CVE-2025-7946 LOW POC Monitor

Reflected cross-site scripting (XSS) in PHPGurukul Apartment Visitors Management System 1.0 allows remote attackers to inject malicious scripts via the searchdata parameter in /search-visitor.php. The vulnerability requires user interaction (clicking a malicious link) but enables session hijacking, credential theft, and malware distribution. Publicly available exploit code exists; however, the low EPSS score (0.07%) and minimal scope impact suggest limited real-world exploitation pressure despite public disclosure.

PHP XSS Apartment Visitors Management System
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.1%
CVE-2025-7948 LOW POC Monitor

Weak password recovery in jshERP up to version 3.5 allows authenticated remote attackers to compromise user accounts via the /jshERP-boot/user/updatePwd endpoint. The vulnerability enables password reset functionality without adequate protection mechanisms, classified as problematic with CVSS 2.1 and EPSS 0.06%. Publicly available exploit code exists but active exploitation remains unconfirmed.

Information Disclosure Jsherp
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.1%
CVE-2025-8018 LOW POC Monitor

SQL injection in Food Ordering Review System 1.0 allows authenticated remote attackers to execute arbitrary SQL queries via the reg_Id parameter in /user/reservation_page.php, with publicly available exploit code disclosed but low real-world exploitation risk due to CVSS 2.1 score, authentication requirement, and limited confidentiality impact.

PHP SQLi Food Ordering Review System
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2025-7949 LOW POC PATCH Monitor

Open redirect vulnerability in Sanluan PublicCMS up to version 5.202506.a allows authenticated remote attackers with low privileges to redirect users to arbitrary external URLs via manipulation of the url parameter in the admin preview functionality. The vulnerability requires user interaction (clicking a malicious link) and impacts integrity but not confidentiality or availability. Publicly available exploit code exists, and vendor patches are available.

Open Redirect Publiccms
NVD GitHub VulDB
CVSS 4.0
2.0
EPSS
0.1%
CVE-2025-7953 LOW POC PATCH Monitor

Open redirect vulnerability in Sanluan PublicCMS up to version 5.202506.a allows authenticated remote attackers to redirect users to arbitrary URLs via manipulation of the File parameter in the PDF.js viewer component, requiring user interaction to trigger the redirect. The vulnerability has publicly available exploit code and affects the PDF viewer resource file, though real-world impact is limited by the requirement for prior authentication and user click interaction.

Open Redirect Publiccms
NVD GitHub VulDB
CVSS 4.0
2.0
EPSS
0.1%
CVE-2025-7951 LOW POC Monitor

Reflected cross-site scripting in Public Chat Room 1.0 allows authenticated remote attackers to inject malicious scripts via the chat_msg or your_name parameters in /send_message.php, requiring user interaction to trigger payload execution. The vulnerability has a low CVSS score (2.0) and EPSS exploitation probability (0.05th percentile), but publicly available exploit code exists, limiting attack complexity for threat actors with valid credentials.

PHP XSS Public Chat Room
NVD GitHub VulDB
CVSS 4.0
2.0
EPSS
0.1%
CVE-2025-4294 MEDIUM This Month

Cross-site scripting in HotelRunner's B2B platform allows a high-privileged authenticated attacker to inject malicious scripts into web pages viewed by other users. The Changed scope (S:C) in the CVSS vector confirms the injected payload executes in a victim's browser context, enabling session hijacking or credential theft against other platform users. No public exploit code or active exploitation has been identified at time of analysis; the EPSS score of 0.15% (36th percentile) reflects a low probability of widespread exploitation.

XSS
NVD VulDB
CVSS 3.1
4.8
EPSS
0.2%
CVE-2025-4295 MEDIUM This Month

HTTP Response Splitting in HotelRunner's B2B hospitality platform stems from improper certificate-host mismatch validation (CWE-297), enabling an authenticated low-privilege attacker to inject crafted headers into HTTP responses when a victim user interacts with the vulnerable flow. Successful exploitation can lead to cache poisoning, session hijacking, or content injection with limited confidentiality and integrity impact (C:L/I:L). No public exploit exists and EPSS sits at 0.07% (21st percentile), indicating no observed widespread exploitation at time of analysis.

Information Disclosure
NVD VulDB
CVSS 3.1
4.6
EPSS
0.1%
CVE-2025-4878 LOW Monitor

Uninitialized variable in libssh's privatekey_from_file() function can cause heap corruption or signing failures when a non-existent key file is specified, allowing local authenticated attackers to trigger memory corruption with potential for information disclosure. CVSS 3.6 reflects local attack vector and high complexity; exploitation requires authenticated access and specific file conditions.

Information Disclosure Use After Free Memory Corruption
NVD
CVSS 3.1
3.6
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy