Skip to main content

Mozilla

2675 CVEs vendor

Monthly

CVE-2025-11709 CRITICAL PATCH Act Now

Out-of-bounds memory corruption in Mozilla Firefox and Thunderbird allows unauthenticated remote attackers to achieve code execution via malicious WebGL texture operations. A compromised web content process can exploit manipulated WebGL textures to trigger out-of-bounds reads and writes in privileged browser processes, potentially leading to full system compromise. Affects Firefox <144, Firefox ESR <115.29 and <140.4, and Thunderbird <144 and <140.4. Vendor-released patches available across all affected product lines. CVSS 9.8 reflects network-accessible, no-authentication-required attack with high impact across confidentiality, integrity, and availability. No public exploit identified at time of analysis, though the specific Bugzilla reference (1989127) indicates detailed technical analysis exists.

Memory Corruption Mozilla Buffer Overflow Thunderbird Red Hat +1
NVD VulDB
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-11708 CRITICAL PATCH Act Now

Remote code execution in Mozilla Firefox (all versions prior to 144, ESR prior to 140.4) and Thunderbird (all versions prior to 144, ESR prior to 140.4) allows unauthenticated remote attackers to execute arbitrary code, disclose sensitive information, or cause denial of service through a use-after-free vulnerability in MediaTrackGraphImpl::GetInstance(). With a critical CVSS score of 9.8 and no authentication required, this memory corruption flaw represents a severe security risk. No public exploit identified at time of analysis, though EPSS data not available to assess exploitation probability.

Memory Corruption Mozilla Use After Free Information Disclosure Thunderbird +2
NVD VulDB
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-11153 HIGH PATCH This Week

JIT miscompilation in the JavaScript Engine: JIT component. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Code Injection Mozilla
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-11152 HIGH PATCH This Week

Sandbox escape due to integer overflow in the Graphics: Canvas2D component. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Mozilla Integer Overflow
NVD
CVSS 3.1
8.6
EPSS
0.1%
CVE-2025-10859 MEDIUM This Month

Cookie storage for non-HTML temporary documents was being shared incorrectly with normal browsing content, allowing information from private tabs to escape Incognito mode even after the user closed. Rated medium severity (CVSS 4.0), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Mozilla
NVD
CVSS 3.1
4.0
EPSS
0.0%
CVE-2025-10537 HIGH PATCH This Week

Memory safety bugs present in Firefox ESR 140.2, Thunderbird ESR 140.2, Firefox 142 and Thunderbird 142. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Mozilla
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-10536 MEDIUM PATCH This Month

Information disclosure in the Networking: Cache component. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Mozilla
NVD
CVSS 3.1
6.2
EPSS
0.0%
CVE-2025-10535 HIGH PATCH This Week

Information disclosure, mitigation bypass in the Privacy component in Firefox for Android. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Information Disclosure Mozilla
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-10534 HIGH PATCH This Week

Spoofing issue in the Site Permissions component. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Mozilla XSS
NVD
CVSS 3.1
8.1
EPSS
0.0%
CVE-2025-10533 HIGH PATCH This Week

Integer overflow in the SVG component. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Mozilla Integer Overflow
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-10532 MEDIUM PATCH This Month

Incorrect boundary conditions in the JavaScript: GC component. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Mozilla
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-10531 MEDIUM PATCH This Month

Mitigation bypass in the Web Compatibility: Tooling component. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Mozilla
NVD
CVSS 3.1
5.4
EPSS
0.0%
CVE-2025-10530 MEDIUM PATCH This Month

Spoofing issue in the WebAuthn component in Firefox for Android. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Google Mozilla
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-10529 MEDIUM PATCH This Month

Same-origin policy bypass in the Layout component. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Cors Misconfiguration Mozilla
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-10528 HIGH PATCH This Week

Sandbox escape due to undefined behavior, invalid pointer in the Graphics: Canvas2D component. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Mozilla
NVD
CVSS 3.1
7.3
EPSS
0.1%
CVE-2025-10527 HIGH PATCH This Week

Sandbox escape due to use-after-free in the Graphics: Canvas2D component. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Use After Free Information Disclosure Mozilla
NVD
CVSS 3.1
7.1
EPSS
0.1%
CVE-2025-9187 CRITICAL PATCH Act Now

Memory safety bugs present in Firefox 141 and Thunderbird 141. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Mozilla
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-9186 MEDIUM PATCH This Month

Spoofing issue in the Address Bar component of Firefox Focus for Android. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Information Disclosure Mozilla
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-9185 HIGH PATCH This Week

Memory safety bugs present in Firefox ESR 115.26, Firefox ESR 128.13, Thunderbird ESR 128.13, Firefox ESR 140.1, Thunderbird ESR 140.1, Firefox 141 and Thunderbird 141. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Buffer Overflow RCE Mozilla
NVD
CVSS 3.1
8.1
EPSS
0.1%
CVE-2025-9184 HIGH PATCH This Week

Memory safety bugs present in Firefox ESR 140.1, Thunderbird ESR 140.1, Firefox 141 and Thunderbird 141. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Buffer Overflow RCE Mozilla
NVD
CVSS 3.1
8.1
EPSS
0.1%
CVE-2025-9183 MEDIUM PATCH This Month

Spoofing issue in the Address Bar component. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Mozilla
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-9182 HIGH PATCH This Week

Denial-of-service due to out-of-memory in the Graphics: WebRender component. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Mozilla
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-9181 MEDIUM PATCH This Month

Uninitialized memory in the JavaScript Engine component. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Mozilla
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-9180 HIGH PATCH This Week

Same-origin policy bypass in the Graphics: Canvas2D component. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Mozilla
NVD
CVSS 3.1
8.1
EPSS
0.0%
CVE-2025-9179 CRITICAL PATCH Act Now

An attacker was able to perform memory corruption in the GMP process which processes encrypted media. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Mozilla
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-8364 MEDIUM This Month

A crafted URL using a blob: URI could have hidden the true origin of the page, resulting in a potential spoofing attack. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Information Disclosure Mozilla
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2025-8042 CRITICAL PATCH Act Now

Firefox for Android allowed a sandboxed iframe without the `allow-downloads` attribute to start downloads. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Information Disclosure Mozilla
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-8041 MEDIUM PATCH This Month

In the address bar, Firefox for Android truncated the display of URLs from the end instead of prioritizing the origin. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Information Disclosure Mozilla
NVD
CVSS 3.1
5.3
EPSS
0.0%
CVE-2025-55031 CRITICAL Act Now

Malicious pages could use Firefox for iOS to pass FIDO: links to the OS and trigger the hybrid passkey transport. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Open Redirect Mozilla
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-55030 MEDIUM This Month

Firefox for iOS would not respect a Content-Disposition header of type Attachment and would incorrectly display the content inline rather than downloading, potentially allowing for XSS attacks This. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Apple Mozilla
NVD
CVSS 3.1
6.1
EPSS
0.0%
CVE-2025-55029 HIGH This Week

Malicious scripts could bypass the popup blocker to spam new tabs, potentially resulting in denial of service attacks This vulnerability affects Firefox for iOS < 142. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Apple Mozilla
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-55028 MEDIUM This Month

Malicious scripts utilizing repetitive JavaScript alerts could prevent client user interaction in some scenarios and allow for denial of service attacks This vulnerability affects Firefox for iOS <. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Apple Mozilla
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-54145 CRITICAL Act Now

The QR scanner could allow arbitrary websites to be opened if a user was tricked into scanning a malicious link that leveraged Firefox's open-text URL scheme This vulnerability affects Firefox for. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Open Redirect Mozilla
NVD
CVSS 3.1
9.1
EPSS
0.0%
CVE-2025-54144 MEDIUM This Month

The URL scheme used by Firefox to facilitate searching of text queries could incorrectly allow attackers to open arbitrary website URLs or internal pages if a user was tricked into clicking a link. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Open Redirect Mozilla
NVD
CVSS 3.1
5.4
EPSS
0.0%
CVE-2025-54143 CRITICAL Act Now

Sandboxed iframes on webpages could potentially allow downloads to the device, bypassing the expected sandbox restrictions declared on the parent page This vulnerability affects Firefox for iOS < 141. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Apple Mozilla
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-8044 CRITICAL PATCH Act Now

Memory corruption in Firefox 140 and Thunderbird 140 enables remote code execution without authentication. Mozilla confirmed multiple memory safety bugs with evidence of corruption, collectively presumed exploitable for arbitrary code execution. Fixed in Firefox 141 and Thunderbird 141. CVSS 9.8 critical severity with network-accessible attack vector requiring no user interaction. EPSS data not provided; no public exploit identified at time of analysis.

Mozilla RCE Buffer Overflow Thunderbird Red Hat +1
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-8043 CRITICAL POC PATCH Act Now

Firefox and Thunderbird URL truncation flaw enables spoofing attacks by displaying misleading origins in the address bar. Affects all Firefox versions prior to 141 and corresponding Thunderbird releases. Attackers can craft URLs that hide the true destination, tricking users into visiting malicious sites. Publicly available exploit code exists. CVSS 9.8 critical rating reflects network-based attack requiring no authentication, though real-world exploitation requires social engineering (user interaction despite UI:N vector).

Mozilla Information Disclosure Thunderbird Red Hat Suse
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-8040 HIGH PATCH This Week

Memory corruption in Mozilla Firefox 140 and Thunderbird 140 (including ESR versions) allows remote code execution when users interact with malicious web content. Affected versions include Firefox ESR 140.0, Firefox 140, Thunderbird ESR 140.0, and Thunderbird 140. With CVSS 8.8 and requiring only user interaction (no authentication), this represents a significant threat to enterprise and consumer users. No public exploit identified at time of analysis, though Mozilla confirmed memory corruption evidence suggesting exploitability with sufficient attacker effort. Vendor-released patches available in Firefox 141, Firefox ESR 140.1, Thunderbird 141, and Thunderbird 140.1.

Mozilla RCE Buffer Overflow Thunderbird Red Hat +1
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-8039 HIGH PATCH This Week

Search term leakage in Mozilla Firefox and Thunderbird URL bars exposes sensitive user queries to unauthorized parties when URLs are shared or logged. Firefox versions prior to 141 (regular) and 140.1 (ESR), and Thunderbird versions prior to 141 (regular) and 140.1 (ESR) fail to properly clear search parameters from the URL bar after navigation, enabling information disclosure through shoulder surfing, screenshot sharing, browser history exports, or URL-based tracking. No public exploit identified at time of analysis, though the attack requires only user interaction (EPSS data not provided). CVSS 8.1 reflects high confidentiality and integrity impact despite requiring user interaction.

Mozilla Information Disclosure Thunderbird Red Hat Suse
NVD
CVSS 3.1
8.1
EPSS
0.1%
CVE-2025-8038 CRITICAL PATCH Act Now

Frame navigation validation bypass in Mozilla Firefox and Thunderbird allows unauthenticated remote attackers to violate security boundaries due to improper path checking (CWE-345). Affects Firefox <141, Firefox ESR <140.1, Thunderbird <141, and Thunderbird ESR <140.1. The CVSS 9.8 critical score reflects network-based exploitation with no user interaction required, enabling potential unauthorized access, data manipulation, and service disruption. No public exploit identified at time of analysis, though the network attack vector (AV:N) and low complexity (AC:L) suggest straightforward exploitation once technical details emerge.

Mozilla Information Disclosure Thunderbird Red Hat Suse
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-8037 CRITICAL PATCH Act Now

Cookie shadowing in Mozilla Firefox (versions prior to 141 and ESR prior to 140.1) and Thunderbird (versions prior to 141 and ESR prior to 140.1) allows remote unauthenticated attackers to bypass Secure cookie protections and access or modify session data. A nameless cookie containing an equals sign set over insecure HTTP can override cookies with the Secure attribute, enabling session hijacking or authentication bypass. No public exploit identified at time of analysis, though the attack complexity is low (CVSS AC:L) with network-based attack vector requiring no user interaction.

Mozilla Information Disclosure Thunderbird Red Hat Suse
NVD
CVSS 3.1
9.1
EPSS
0.0%
CVE-2025-8036 HIGH PATCH This Week

DNS rebinding attacks can bypass Cross-Origin Resource Sharing (CORS) protections in Mozilla Firefox and Thunderbird due to improper cache invalidation of CORS preflight responses when target IP addresses change. Remote attackers can exploit this via malicious websites to access confidential cross-origin data without user authentication (CVSS: PR:N, UI:R). No public exploit identified at time of analysis, though CERT VU#652514 provides technical disclosure. EPSS data not provided, but the combination of network-accessible attack vector, low complexity, and no required privileges warrants attention for organizations using affected Mozilla products.

Mozilla Information Disclosure Thunderbird Red Hat Suse
NVD
CVSS 3.1
8.1
EPSS
0.1%
CVE-2025-8035 HIGH PATCH This Week

Remote code execution in Mozilla Firefox (ESR 128.12, 140.0, Firefox 140) and Thunderbird (ESR 128.12, 140.0, Thunderbird 140) allows unauthenticated remote attackers to execute arbitrary code via memory corruption vulnerabilities classified as buffer overflow (CWE-119). User interaction is required. Mozilla has released patches for all affected products (Firefox 141, ESR 128.13, ESR 140.1, Thunderbird 141, 128.13, 140.1). No public exploit identified at time of analysis, though CVSS score of 8.8 reflects high severity with complete compromise potential.

Mozilla RCE Buffer Overflow Thunderbird Red Hat +1
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-8034 HIGH PATCH This Week

Remote code execution in Mozilla Firefox (ESR 115.x through 115.25, 128.x through 128.12, 140.0, regular 140) and Thunderbird (ESR 128.12, 140.0, regular 140) via memory safety bugs (CWE-119 buffer overflow). Attackers can execute arbitrary code by delivering crafted web content that triggers memory corruption when a user interacts with malicious pages or emails. CVSS 8.8 (High) reflects network-based attack requiring user interaction but no authentication. Vendor-released patches available: Firefox 141, Firefox ESR 115.26/128.13/140.1, Thunderbird 141/128.13/140.1. EPSS data not provided; no public exploit identified at time of analysis, though Mozilla notes evidence of memory corruption suggesting exploitability with effort.

Mozilla RCE Buffer Overflow Thunderbird Red Hat +1
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-8033 MEDIUM PATCH This Month

Null pointer dereference in Firefox and Thunderbird JavaScript engines allows remote attackers to cause denial of service via malformed closed generator objects. The vulnerability affects Firefox versions below 141, Firefox ESR versions below 115.26/128.13/140.1, Thunderbird versions below 141/128.13/140.1, and is triggered when a user visits a malicious webpage or opens a crafted email containing JavaScript that improperly resumes a closed generator. While the CVSS score is 6.5 (medium-high), the impact is limited to availability-no information disclosure or code execution is possible.

Mozilla Denial Of Service Null Pointer Dereference Thunderbird Red Hat +1
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-8032 HIGH PATCH This Week

Content Security Policy bypass in Mozilla Firefox and Thunderbird allows remote attackers to circumvent CSP protections via maliciously crafted XSLT documents. The flaw affects Firefox versions prior to 141 and Firefox ESR prior to 128.13/140.1, as well as Thunderbird versions prior to 141 and Thunderbird ESR prior to 128.13/140.1. Attack requires user interaction (visiting a malicious site or opening a malicious email) but no authentication. With CVSS 8.1 (High severity) and documented in six separate Mozilla security advisories, this CSP bypass enables high-impact confidentiality and integrity violations, though no public exploit or active exploitation has been identified at time of analysis.

Mozilla Authentication Bypass Thunderbird Red Hat Suse
NVD
CVSS 3.1
8.1
EPSS
0.1%
CVE-2025-8031 CRITICAL PATCH Act Now

HTTP Basic Authentication credentials leak in Mozilla Firefox and Thunderbird via Content Security Policy (CSP) violation reports affects all versions prior to Firefox 141, Firefox ESR 128.13/140.1, and Thunderbird 141/128.13/140.1. When CSP violations occur on pages using HTTP Basic Auth, the browser incorrectly includes username:password in the violation report URL sent to the CSP report endpoint, exposing credentials to potentially untrusted third parties. With CVSS 9.8 and network-based unauthenticated attack vector (AV:N/AC:L/PR:N), this represents a critical credential disclosure vulnerability, though no public exploit or active exploitation (non-KEV) is confirmed at time of analysis.

Mozilla Privilege Escalation Thunderbird Red Hat Suse
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-8030 HIGH PATCH This Week

Firefox and Thunderbird's 'Copy as cURL' feature improperly escapes shell metacharacters, allowing remote attackers to trick users into executing arbitrary commands when pasting copied network requests into a terminal. Affects Firefox <141, Firefox ESR <128.13/140.1, and Thunderbird <141, <128.13/140.1. Vendor-released patches available across all affected branches. CVSS 8.1 with network attack vector requiring user interaction; no public exploit identified at time of analysis. EPSS data not provided but social engineering dependency limits automated exploitation risk.

Mozilla RCE Code Injection Thunderbird Red Hat +1
NVD
CVSS 3.1
8.1
EPSS
0.1%
CVE-2025-8029 HIGH PATCH This Week

Mozilla Firefox and Thunderbird execute JavaScript via crafted object/embed tags, enabling remote attackers to achieve high-impact XSS without authentication. Affects Firefox <141, Firefox ESR <128.13/<140.1, and Thunderbird <141/128.13/140.1. Users must visit a malicious page (UI:R), but attack complexity is low (AC:L) and no privileges required (PR:N). Vendor-released patches available across all affected product lines. No public exploit identified at time of analysis, though the attack surface is broad given browser/email client ubiquity.

Mozilla XSS Thunderbird Red Hat Suse
NVD
CVSS 3.1
8.1
EPSS
0.1%
CVE-2025-8028 CRITICAL PATCH Act Now

WebAssembly JIT compiler on ARM64 architectures incorrectly calculates branch addresses when processing WASM br_table instructions with numerous entries, enabling remote code execution in Firefox <141, Firefox ESR <115.26/128.13/140.1, and Thunderbird <141/128.13/140.1. The vulnerability requires no authentication or user interaction (CVSS AV:N/AC:L/PR:N/UI:N), allowing network-based attackers to potentially execute arbitrary code through malicious WASM content. Vendor-released patches are available across all affected product lines. No public exploit identified at time of analysis, though the CVSS 9.8 critical rating reflects the theoretical severity of unauthenticated remote code execution.

Mozilla Information Disclosure Thunderbird Red Hat Suse
NVD
CVSS 3.1
9.8
EPSS
0.2%
CVE-2025-8027 MEDIUM PATCH This Month

Information disclosure in Mozilla Firefox and Thunderbird on 64-bit platforms allows remote attackers to leak sensitive memory contents via specially crafted web content. The IonMonkey JIT compiler writes only 32 bits of the 64-bit return value space on the stack, while the Baseline JIT reads the entire 64 bits, exposing uninitialized stack memory. Exploitation requires user interaction (UI:R) and no authentication. Fixes are available: Firefox 141+, Firefox ESR 115.26+, Firefox ESR 128.13+, Firefox ESR 140.1+, Thunderbird 141+, Thunderbird 128.13+, and Thunderbird 140.1+.

Mozilla Information Disclosure Thunderbird Red Hat Suse
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-3467 MEDIUM POC PATCH This Month

An XSS vulnerability exists in langgenius/dify versions prior to 1.1.3, specifically affecting Firefox browsers. This vulnerability allows an attacker to obtain the administrator's token by sending a payload in the published chat. When the administrator views the conversation content through the monitoring/log function using Firefox, the XSS vulnerability is triggered, potentially exposing sensitive token information to the attacker.

XSS Mozilla Dify Firefox
NVD GitHub
CVSS 3.1
5.4
EPSS
0.0%
CVE-2025-6703 MEDIUM This Month

Improper Input Validation vulnerability in Mozilla neqo leads to an unexploitable crash..This issue affects neqo: from 0.4.24 through 0.13.2.

Mozilla Denial Of Service Neqo Red Hat Suse
NVD GitHub
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-6436 HIGH PATCH This Week

CVE-2025-6436 is a collection of memory safety vulnerabilities in Firefox and Thunderbird versions 139 that demonstrate evidence of memory corruption with potential for arbitrary code execution. The vulnerability affects Firefox < 140 and Thunderbird < 140, and requires network access but moderate attack complexity. While no active exploitation in the wild has been confirmed, the high CVSS score of 8.1 and memory corruption evidence indicate this is a critical patch requiring immediate deployment.

RCE Mozilla Buffer Overflow
NVD
CVSS 3.1
8.1
EPSS
0.1%
CVE-2025-6435 HIGH PATCH This Week

CVE-2025-6435 is a file handling vulnerability in Firefox and Thunderbird's Developer Tools where saved network responses may lack the `.download` file extension, potentially allowing attackers to trick users into executing malicious executables. This affects Firefox versions below 140 and Thunderbird versions below 140. The vulnerability requires user interaction (saving and executing a file) but carries high severity (CVSS 8.1) due to potential for arbitrary code execution.

Mozilla File Upload
NVD
CVSS 3.1
8.1
EPSS
0.1%
CVE-2025-6434 MEDIUM PATCH This Month

The exception page for the HTTPS-Only feature, displayed when a website is opened via HTTP, lacked an anti-clickjacking delay, potentially allowing an attacker to trick a user into granting an exception and loading a webpage over HTTP. This vulnerability affects Firefox < 140 and Thunderbird < 140.

XSS Mozilla
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2025-6433 CRITICAL PATCH Act Now

CVE-2025-6433 is a critical WebAuthn specification violation in Firefox and Thunderbird that allows attackers to present WebAuthn authentication challenges over non-secure TLS connections with user-granted exceptions. This bypasses the WebAuthn requirement for secure transport without errors, enabling credential theft and account compromise. Firefox < 140 and Thunderbird < 140 are affected; the network-based attack requires no privileges or user interaction beyond the initial certificate exception grant, resulting in a CVSS 9.8 critical rating.

Mozilla Information Disclosure
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-6432 HIGH PATCH This Week

CVE-2025-6432 is a DNS proxy bypass vulnerability in Firefox and Thunderbird when Mozilla's Multi-Account Containers extension is enabled. Under specific conditions-invalid domain names or unresponsive SOCKS proxies-DNS requests circumvent the configured SOCKS proxy, potentially exposing user browsing activity to network monitoring. This affects Firefox < 140 and Thunderbird < 140, has a high CVSS score of 8.6 reflecting significant confidentiality impact, and requires network-level access but no user interaction to exploit.

Information Disclosure Mozilla
NVD
CVSS 3.1
8.6
EPSS
0.1%
CVE-2025-6431 MEDIUM PATCH This Month

When a link can be opened in an external application, Firefox for Android will, by default, prompt the user before doing so. An attacker could have bypassed this prompt, potentially exposing the user to security vulnerabilities or privacy leaks in external applications. *This bug only affects Firefox for Android. Other versions of Firefox are unaffected.* This vulnerability affects Firefox < 140.

Mozilla Google Authentication Bypass
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-6430 MEDIUM PATCH This Month

When a file download is specified via the `Content-Disposition` header, that directive would be ignored if the file was included via a `&lt;embed&gt;` or `&lt;object&gt;` tag, potentially making a website vulnerable to a cross-site scripting attack. This vulnerability affects Firefox < 140, Firefox ESR < 128.12, Thunderbird < 140, and Thunderbird < 128.12.

XSS Mozilla
NVD
CVSS 3.1
6.1
EPSS
0.1%
CVE-2025-6429 MEDIUM PATCH This Month

Firefox could have incorrectly parsed a URL and rewritten it to the youtube.com domain when parsing the URL specified in an `embed` tag. This could have bypassed website security checks that restricted which domains users were allowed to embed. This vulnerability affects Firefox < 140, Firefox ESR < 128.12, Thunderbird < 140, and Thunderbird < 128.12.

Authentication Bypass Mozilla
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-6428 MEDIUM POC PATCH This Month

When a URL was provided in a link querystring parameter, Firefox for Android would follow that URL instead of the correct URL, potentially leading to phishing attacks. *This bug only affects Firefox for Android. Other versions of Firefox are unaffected.* This vulnerability affects Firefox < 140.

Google Mozilla Open Redirect
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2025-6427 CRITICAL PATCH Act Now

A security vulnerability in Devtools. This vulnerability affects Firefox (CVSS 9.1). Critical severity with potential for significant impact on affected systems.

Mozilla Authentication Bypass
NVD
CVSS 3.1
9.1
EPSS
0.1%
CVE-2025-6426 HIGH PATCH This Week

CVE-2025-6426 is a missing executable file warning vulnerability in Firefox and Thunderbird on macOS that fails to alert users before opening files with the 'terminal' extension, potentially allowing attackers to execute arbitrary code. This affects Firefox < 140, Firefox ESR < 128.12, Thunderbird < 140, and Thunderbird < 128.12 on macOS only. An attacker can leverage this to trick users into executing malicious terminal scripts by bypassing the security warning mechanism that normally prevents automatic execution of executable files.

Information Disclosure Mozilla Apple
NVD
CVSS 3.1
8.8
EPSS
0.0%
CVE-2025-6425 MEDIUM PATCH This Month

An attacker who enumerated resources from the WebCompat extension could have obtained a persistent UUID that identified the browser, and persisted between containers and normal/private browsing mode, but not profiles. This vulnerability affects Firefox < 140, Firefox ESR < 115.25, Firefox ESR < 128.12, Thunderbird < 140, and Thunderbird < 128.12.

Information Disclosure Mozilla
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2025-6424 CRITICAL PATCH Act Now

A denial of service vulnerability (CVSS 9.8). Critical severity with potential for significant impact on affected systems.

Use After Free Mozilla Denial Of Service Memory Corruption
NVD
CVSS 3.1
9.8
EPSS
0.3%
CVE-2025-5986 MEDIUM PATCH This Month

A crafted HTML email using mailbox:/// links can trigger automatic, unsolicited downloads of .pdf files to the user's desktop or home directory without prompting, even if auto-saving is disabled. This behavior can be abused to fill the disk with garbage data (e.g. using /dev/urandom on Linux) or to leak Windows credentials via SMB links when the email is viewed in HTML mode. While user interaction is required to download the .pdf file, visual obfuscation can conceal the download trigger. Viewing the email in HTML mode is enough to load external content. This vulnerability affects Thunderbird < 128.11.1 and Thunderbird < 139.0.2.

Microsoft Mozilla Information Disclosure
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-5687 HIGH This Week

Local privilege escalation vulnerability in Mozilla VPN for macOS that allows an authenticated local user to escalate privileges from normal user to root. This affects Mozilla VPN versions below 2.28.0 on macOS exclusively. An attacker with local access can exploit this without user interaction to gain complete system control, making it a critical risk for multi-user systems or compromised local accounts.

Mozilla Privilege Escalation Apple
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-49710 CRITICAL PATCH Act Now

An integer overflow vulnerability exists in the OrderedHashTable component of Firefox's JavaScript engine, allowing remote attackers to achieve arbitrary code execution without requiring user interaction or elevated privileges. This critical flaw affects Firefox versions prior to 139.0.4 and carries a maximum CVSS score of 9.8, indicating severe real-world risk with network-based attack vectors requiring no user interaction.

Mozilla Integer Overflow Buffer Overflow
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-49709 CRITICAL PATCH Act Now

Critical memory corruption vulnerability in Firefox canvas operations that allows unauthenticated remote attackers to achieve arbitrary code execution with no user interaction required. Firefox versions prior to 139.0.4 are affected. The vulnerability has a near-perfect CVSS score of 9.8 due to network accessibility, low attack complexity, and complete compromise of confidentiality, integrity, and availability.

Mozilla Memory Corruption Buffer Overflow
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-5272 HIGH PATCH This Week

Memory safety bugs present in Firefox 138 and Thunderbird 138. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow RCE Mozilla
NVD
CVSS 3.1
7.3
EPSS
0.4%
CVE-2025-5271 MEDIUM PATCH This Month

Previewing a response in Devtools ignored CSP headers, which could have allowed content injection attacks. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Code Injection Mozilla
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2025-5270 HIGH PATCH This Week

In certain cases, SNI could have been sent unencrypted even when encrypted DNS was enabled. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Mozilla
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2025-5269 HIGH PATCH This Week

Memory safety bug present in Firefox ESR 128.10, and Thunderbird 128.10. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Memory Corruption Buffer Overflow RCE Mozilla
NVD
CVSS 3.1
8.1
EPSS
0.4%
CVE-2025-5268 HIGH PATCH This Week

Memory safety bugs present in Firefox 138, Thunderbird 138, Firefox ESR 128.10, and Thunderbird 128.10. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Buffer Overflow RCE Mozilla
NVD
CVSS 3.1
8.1
EPSS
0.4%
CVE-2025-5267 MEDIUM PATCH This Month

A clickjacking vulnerability could have been used to trick a user into leaking saved payment card details to a malicious page. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Mozilla
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2025-5266 MEDIUM PATCH This Month

Script elements loading cross-origin resources generated load and error events which leaked information enabling XS-Leaks attacks. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Mozilla
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2025-5265 MEDIUM PATCH This Month

Due to insufficient escaping of the ampersand character in the “Copy as cURL” feature, an attacker could trick a user into using this command, potentially leading to local code execution on the. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Command Injection RCE Mozilla
NVD
CVSS 3.1
4.8
EPSS
0.1%
CVE-2025-5264 MEDIUM PATCH This Month

Due to insufficient escaping of the newline character in the “Copy as cURL” feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. No vendor patch available.

Command Injection RCE Mozilla
NVD
CVSS 3.1
4.8
EPSS
0.1%
CVE-2025-5263 MEDIUM PATCH This Month

Error handling for script execution was incorrectly isolated from web content, which could have allowed cross-origin leak attacks. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Mozilla
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2025-5262 HIGH PATCH This Month

A double-free could have occurred in `vpx_codec_enc_init_multi` after a failed allocation when initializing the encoder for WebRTC. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Mozilla Thunderbird Red Hat Suse
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2025-5020 MEDIUM This Month

Opening maliciously-crafted URLs in Firefox from other apps such as Safari could have allowed attackers to spoof website addresses if the URLs utilized non-HTTP schemes used internally by the Firefox. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Mozilla
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2025-4919 HIGH PATCH This Week

An attacker was able to perform an out-of-bounds read or write on a JavaScript object by confusing array index sizes. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Mozilla
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2025-4918 CRITICAL POC PATCH Act Now

An attacker was able to perform an out-of-bounds read or write on a JavaScript `Promise` object. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Buffer Overflow Mozilla
NVD
CVSS 3.1
9.8
EPSS
0.6%
CVE-2025-40630 MEDIUM POC This Month

Open redirection vulnerability in IceWarp Mail Server affecting version 11.4.0. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Mozilla Mail Server Firefox
NVD
CVSS 4.0
5.1
EPSS
0.7%
CVE-2025-3932 MEDIUM PATCH This Month

It was possible to craft an email that showed a tracking link as an attachment. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Mozilla
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2025-3909 HIGH PATCH This Week

Thunderbird's handling of the X-Mozilla-External-Attachment-URL header can be exploited to execute JavaScript in the file:/// context. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Mozilla
NVD
CVSS 3.1
8.1
EPSS
0.4%
CVE-2025-3875 HIGH PATCH This Week

Thunderbird parses addresses in a way that can allow sender spoofing in case the server allows an invalid From address to be used. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Mozilla
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2025-4093 HIGH PATCH This Week

Memory safety bug present in Firefox ESR 128.9, and Thunderbird 128.9. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Buffer Overflow RCE Mozilla
NVD
CVSS 3.1
8.1
EPSS
0.4%
CVE-2025-4092 MEDIUM PATCH This Month

Memory safety bugs present in Firefox 137 and Thunderbird 137. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Mozilla
NVD
CVSS 3.1
6.5
EPSS
0.3%
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

Out-of-bounds memory corruption in Mozilla Firefox and Thunderbird allows unauthenticated remote attackers to achieve code execution via malicious WebGL texture operations. A compromised web content process can exploit manipulated WebGL textures to trigger out-of-bounds reads and writes in privileged browser processes, potentially leading to full system compromise. Affects Firefox <144, Firefox ESR <115.29 and <140.4, and Thunderbird <144 and <140.4. Vendor-released patches available across all affected product lines. CVSS 9.8 reflects network-accessible, no-authentication-required attack with high impact across confidentiality, integrity, and availability. No public exploit identified at time of analysis, though the specific Bugzilla reference (1989127) indicates detailed technical analysis exists.

Memory Corruption Mozilla Buffer Overflow +3
NVD VulDB
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

Remote code execution in Mozilla Firefox (all versions prior to 144, ESR prior to 140.4) and Thunderbird (all versions prior to 144, ESR prior to 140.4) allows unauthenticated remote attackers to execute arbitrary code, disclose sensitive information, or cause denial of service through a use-after-free vulnerability in MediaTrackGraphImpl::GetInstance(). With a critical CVSS score of 9.8 and no authentication required, this memory corruption flaw represents a severe security risk. No public exploit identified at time of analysis, though EPSS data not available to assess exploitation probability.

Memory Corruption Mozilla Use After Free +4
NVD VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

JIT miscompilation in the JavaScript Engine: JIT component. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Code Injection Mozilla
NVD
EPSS 0% CVSS 8.6
HIGH PATCH This Week

Sandbox escape due to integer overflow in the Graphics: Canvas2D component. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Mozilla Integer Overflow
NVD
EPSS 0% CVSS 4.0
MEDIUM This Month

Cookie storage for non-HTML temporary documents was being shared incorrectly with normal browsing content, allowing information from private tabs to escape Incognito mode even after the user closed. Rated medium severity (CVSS 4.0), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Mozilla
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Memory safety bugs present in Firefox ESR 140.2, Thunderbird ESR 140.2, Firefox 142 and Thunderbird 142. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Mozilla
NVD
EPSS 0% CVSS 6.2
MEDIUM PATCH This Month

Information disclosure in the Networking: Cache component. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Mozilla
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Information disclosure, mitigation bypass in the Privacy component in Firefox for Android. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Information Disclosure Mozilla
NVD
EPSS 0% CVSS 8.1
HIGH PATCH This Week

Spoofing issue in the Site Permissions component. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Mozilla XSS
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Integer overflow in the SVG component. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Mozilla Integer Overflow
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Incorrect boundary conditions in the JavaScript: GC component. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Mozilla
NVD
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

Mitigation bypass in the Web Compatibility: Tooling component. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Mozilla
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Spoofing issue in the WebAuthn component in Firefox for Android. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Google Mozilla
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Same-origin policy bypass in the Layout component. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Cors Misconfiguration Mozilla
NVD
EPSS 0% CVSS 7.3
HIGH PATCH This Week

Sandbox escape due to undefined behavior, invalid pointer in the Graphics: Canvas2D component. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Mozilla
NVD
EPSS 0% CVSS 7.1
HIGH PATCH This Week

Sandbox escape due to use-after-free in the Graphics: Canvas2D component. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Use After Free Information Disclosure +1
NVD
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

Memory safety bugs present in Firefox 141 and Thunderbird 141. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Mozilla
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Spoofing issue in the Address Bar component of Firefox Focus for Android. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Information Disclosure Mozilla
NVD
EPSS 0% CVSS 8.1
HIGH PATCH This Week

Memory safety bugs present in Firefox ESR 115.26, Firefox ESR 128.13, Thunderbird ESR 128.13, Firefox ESR 140.1, Thunderbird ESR 140.1, Firefox 141 and Thunderbird 141. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Buffer Overflow RCE Mozilla
NVD
EPSS 0% CVSS 8.1
HIGH PATCH This Week

Memory safety bugs present in Firefox ESR 140.1, Thunderbird ESR 140.1, Firefox 141 and Thunderbird 141. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Buffer Overflow RCE Mozilla
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Spoofing issue in the Address Bar component. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Mozilla
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Denial-of-service due to out-of-memory in the Graphics: WebRender component. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Mozilla
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Uninitialized memory in the JavaScript Engine component. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Mozilla
NVD
EPSS 0% CVSS 8.1
HIGH PATCH This Week

Same-origin policy bypass in the Graphics: Canvas2D component. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Mozilla
NVD
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

An attacker was able to perform memory corruption in the GMP process which processes encrypted media. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Mozilla
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

A crafted URL using a blob: URI could have hidden the true origin of the page, resulting in a potential spoofing attack. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Information Disclosure Mozilla
NVD
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

Firefox for Android allowed a sandboxed iframe without the `allow-downloads` attribute to start downloads. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Information Disclosure Mozilla
NVD
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

In the address bar, Firefox for Android truncated the display of URLs from the end instead of prioritizing the origin. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Information Disclosure Mozilla
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

Malicious pages could use Firefox for iOS to pass FIDO: links to the OS and trigger the hybrid passkey transport. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Open Redirect Mozilla
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

Firefox for iOS would not respect a Content-Disposition header of type Attachment and would incorrectly display the content inline rather than downloading, potentially allowing for XSS attacks This. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Apple Mozilla
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Malicious scripts could bypass the popup blocker to spam new tabs, potentially resulting in denial of service attacks This vulnerability affects Firefox for iOS < 142. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Apple Mozilla
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Malicious scripts utilizing repetitive JavaScript alerts could prevent client user interaction in some scenarios and allow for denial of service attacks This vulnerability affects Firefox for iOS <. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Apple Mozilla
NVD
EPSS 0% CVSS 9.1
CRITICAL Act Now

The QR scanner could allow arbitrary websites to be opened if a user was tricked into scanning a malicious link that leveraged Firefox's open-text URL scheme This vulnerability affects Firefox for. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Open Redirect Mozilla
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

The URL scheme used by Firefox to facilitate searching of text queries could incorrectly allow attackers to open arbitrary website URLs or internal pages if a user was tricked into clicking a link. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Open Redirect Mozilla
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

Sandboxed iframes on webpages could potentially allow downloads to the device, bypassing the expected sandbox restrictions declared on the parent page This vulnerability affects Firefox for iOS < 141. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Apple Mozilla
NVD
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

Memory corruption in Firefox 140 and Thunderbird 140 enables remote code execution without authentication. Mozilla confirmed multiple memory safety bugs with evidence of corruption, collectively presumed exploitable for arbitrary code execution. Fixed in Firefox 141 and Thunderbird 141. CVSS 9.8 critical severity with network-accessible attack vector requiring no user interaction. EPSS data not provided; no public exploit identified at time of analysis.

Mozilla RCE Buffer Overflow +3
NVD
EPSS 0% CVSS 9.8
CRITICAL POC PATCH Act Now

Firefox and Thunderbird URL truncation flaw enables spoofing attacks by displaying misleading origins in the address bar. Affects all Firefox versions prior to 141 and corresponding Thunderbird releases. Attackers can craft URLs that hide the true destination, tricking users into visiting malicious sites. Publicly available exploit code exists. CVSS 9.8 critical rating reflects network-based attack requiring no authentication, though real-world exploitation requires social engineering (user interaction despite UI:N vector).

Mozilla Information Disclosure Thunderbird +2
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Memory corruption in Mozilla Firefox 140 and Thunderbird 140 (including ESR versions) allows remote code execution when users interact with malicious web content. Affected versions include Firefox ESR 140.0, Firefox 140, Thunderbird ESR 140.0, and Thunderbird 140. With CVSS 8.8 and requiring only user interaction (no authentication), this represents a significant threat to enterprise and consumer users. No public exploit identified at time of analysis, though Mozilla confirmed memory corruption evidence suggesting exploitability with sufficient attacker effort. Vendor-released patches available in Firefox 141, Firefox ESR 140.1, Thunderbird 141, and Thunderbird 140.1.

Mozilla RCE Buffer Overflow +3
NVD
EPSS 0% CVSS 8.1
HIGH PATCH This Week

Search term leakage in Mozilla Firefox and Thunderbird URL bars exposes sensitive user queries to unauthorized parties when URLs are shared or logged. Firefox versions prior to 141 (regular) and 140.1 (ESR), and Thunderbird versions prior to 141 (regular) and 140.1 (ESR) fail to properly clear search parameters from the URL bar after navigation, enabling information disclosure through shoulder surfing, screenshot sharing, browser history exports, or URL-based tracking. No public exploit identified at time of analysis, though the attack requires only user interaction (EPSS data not provided). CVSS 8.1 reflects high confidentiality and integrity impact despite requiring user interaction.

Mozilla Information Disclosure Thunderbird +2
NVD
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

Frame navigation validation bypass in Mozilla Firefox and Thunderbird allows unauthenticated remote attackers to violate security boundaries due to improper path checking (CWE-345). Affects Firefox <141, Firefox ESR <140.1, Thunderbird <141, and Thunderbird ESR <140.1. The CVSS 9.8 critical score reflects network-based exploitation with no user interaction required, enabling potential unauthorized access, data manipulation, and service disruption. No public exploit identified at time of analysis, though the network attack vector (AV:N) and low complexity (AC:L) suggest straightforward exploitation once technical details emerge.

Mozilla Information Disclosure Thunderbird +2
NVD
EPSS 0% CVSS 9.1
CRITICAL PATCH Act Now

Cookie shadowing in Mozilla Firefox (versions prior to 141 and ESR prior to 140.1) and Thunderbird (versions prior to 141 and ESR prior to 140.1) allows remote unauthenticated attackers to bypass Secure cookie protections and access or modify session data. A nameless cookie containing an equals sign set over insecure HTTP can override cookies with the Secure attribute, enabling session hijacking or authentication bypass. No public exploit identified at time of analysis, though the attack complexity is low (CVSS AC:L) with network-based attack vector requiring no user interaction.

Mozilla Information Disclosure Thunderbird +2
NVD
EPSS 0% CVSS 8.1
HIGH PATCH This Week

DNS rebinding attacks can bypass Cross-Origin Resource Sharing (CORS) protections in Mozilla Firefox and Thunderbird due to improper cache invalidation of CORS preflight responses when target IP addresses change. Remote attackers can exploit this via malicious websites to access confidential cross-origin data without user authentication (CVSS: PR:N, UI:R). No public exploit identified at time of analysis, though CERT VU#652514 provides technical disclosure. EPSS data not provided, but the combination of network-accessible attack vector, low complexity, and no required privileges warrants attention for organizations using affected Mozilla products.

Mozilla Information Disclosure Thunderbird +2
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Remote code execution in Mozilla Firefox (ESR 128.12, 140.0, Firefox 140) and Thunderbird (ESR 128.12, 140.0, Thunderbird 140) allows unauthenticated remote attackers to execute arbitrary code via memory corruption vulnerabilities classified as buffer overflow (CWE-119). User interaction is required. Mozilla has released patches for all affected products (Firefox 141, ESR 128.13, ESR 140.1, Thunderbird 141, 128.13, 140.1). No public exploit identified at time of analysis, though CVSS score of 8.8 reflects high severity with complete compromise potential.

Mozilla RCE Buffer Overflow +3
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Remote code execution in Mozilla Firefox (ESR 115.x through 115.25, 128.x through 128.12, 140.0, regular 140) and Thunderbird (ESR 128.12, 140.0, regular 140) via memory safety bugs (CWE-119 buffer overflow). Attackers can execute arbitrary code by delivering crafted web content that triggers memory corruption when a user interacts with malicious pages or emails. CVSS 8.8 (High) reflects network-based attack requiring user interaction but no authentication. Vendor-released patches available: Firefox 141, Firefox ESR 115.26/128.13/140.1, Thunderbird 141/128.13/140.1. EPSS data not provided; no public exploit identified at time of analysis, though Mozilla notes evidence of memory corruption suggesting exploitability with effort.

Mozilla RCE Buffer Overflow +3
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Null pointer dereference in Firefox and Thunderbird JavaScript engines allows remote attackers to cause denial of service via malformed closed generator objects. The vulnerability affects Firefox versions below 141, Firefox ESR versions below 115.26/128.13/140.1, Thunderbird versions below 141/128.13/140.1, and is triggered when a user visits a malicious webpage or opens a crafted email containing JavaScript that improperly resumes a closed generator. While the CVSS score is 6.5 (medium-high), the impact is limited to availability-no information disclosure or code execution is possible.

Mozilla Denial Of Service Null Pointer Dereference +3
NVD
EPSS 0% CVSS 8.1
HIGH PATCH This Week

Content Security Policy bypass in Mozilla Firefox and Thunderbird allows remote attackers to circumvent CSP protections via maliciously crafted XSLT documents. The flaw affects Firefox versions prior to 141 and Firefox ESR prior to 128.13/140.1, as well as Thunderbird versions prior to 141 and Thunderbird ESR prior to 128.13/140.1. Attack requires user interaction (visiting a malicious site or opening a malicious email) but no authentication. With CVSS 8.1 (High severity) and documented in six separate Mozilla security advisories, this CSP bypass enables high-impact confidentiality and integrity violations, though no public exploit or active exploitation has been identified at time of analysis.

Mozilla Authentication Bypass Thunderbird +2
NVD
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

HTTP Basic Authentication credentials leak in Mozilla Firefox and Thunderbird via Content Security Policy (CSP) violation reports affects all versions prior to Firefox 141, Firefox ESR 128.13/140.1, and Thunderbird 141/128.13/140.1. When CSP violations occur on pages using HTTP Basic Auth, the browser incorrectly includes username:password in the violation report URL sent to the CSP report endpoint, exposing credentials to potentially untrusted third parties. With CVSS 9.8 and network-based unauthenticated attack vector (AV:N/AC:L/PR:N), this represents a critical credential disclosure vulnerability, though no public exploit or active exploitation (non-KEV) is confirmed at time of analysis.

Mozilla Privilege Escalation Thunderbird +2
NVD
EPSS 0% CVSS 8.1
HIGH PATCH This Week

Firefox and Thunderbird's 'Copy as cURL' feature improperly escapes shell metacharacters, allowing remote attackers to trick users into executing arbitrary commands when pasting copied network requests into a terminal. Affects Firefox <141, Firefox ESR <128.13/140.1, and Thunderbird <141, <128.13/140.1. Vendor-released patches available across all affected branches. CVSS 8.1 with network attack vector requiring user interaction; no public exploit identified at time of analysis. EPSS data not provided but social engineering dependency limits automated exploitation risk.

Mozilla RCE Code Injection +3
NVD
EPSS 0% CVSS 8.1
HIGH PATCH This Week

Mozilla Firefox and Thunderbird execute JavaScript via crafted object/embed tags, enabling remote attackers to achieve high-impact XSS without authentication. Affects Firefox <141, Firefox ESR <128.13/<140.1, and Thunderbird <141/128.13/140.1. Users must visit a malicious page (UI:R), but attack complexity is low (AC:L) and no privileges required (PR:N). Vendor-released patches available across all affected product lines. No public exploit identified at time of analysis, though the attack surface is broad given browser/email client ubiquity.

Mozilla XSS Thunderbird +2
NVD
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

WebAssembly JIT compiler on ARM64 architectures incorrectly calculates branch addresses when processing WASM br_table instructions with numerous entries, enabling remote code execution in Firefox <141, Firefox ESR <115.26/128.13/140.1, and Thunderbird <141/128.13/140.1. The vulnerability requires no authentication or user interaction (CVSS AV:N/AC:L/PR:N/UI:N), allowing network-based attackers to potentially execute arbitrary code through malicious WASM content. Vendor-released patches are available across all affected product lines. No public exploit identified at time of analysis, though the CVSS 9.8 critical rating reflects the theoretical severity of unauthenticated remote code execution.

Mozilla Information Disclosure Thunderbird +2
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Information disclosure in Mozilla Firefox and Thunderbird on 64-bit platforms allows remote attackers to leak sensitive memory contents via specially crafted web content. The IonMonkey JIT compiler writes only 32 bits of the 64-bit return value space on the stack, while the Baseline JIT reads the entire 64 bits, exposing uninitialized stack memory. Exploitation requires user interaction (UI:R) and no authentication. Fixes are available: Firefox 141+, Firefox ESR 115.26+, Firefox ESR 128.13+, Firefox ESR 140.1+, Thunderbird 141+, Thunderbird 128.13+, and Thunderbird 140.1+.

Mozilla Information Disclosure Thunderbird +2
NVD
EPSS 0% CVSS 5.4
MEDIUM POC PATCH This Month

An XSS vulnerability exists in langgenius/dify versions prior to 1.1.3, specifically affecting Firefox browsers. This vulnerability allows an attacker to obtain the administrator's token by sending a payload in the published chat. When the administrator views the conversation content through the monitoring/log function using Firefox, the XSS vulnerability is triggered, potentially exposing sensitive token information to the attacker.

XSS Mozilla Dify +1
NVD GitHub
EPSS 0% CVSS 6.5
MEDIUM This Month

Improper Input Validation vulnerability in Mozilla neqo leads to an unexploitable crash..This issue affects neqo: from 0.4.24 through 0.13.2.

Mozilla Denial Of Service Neqo +2
NVD GitHub
EPSS 0% CVSS 8.1
HIGH PATCH This Week

CVE-2025-6436 is a collection of memory safety vulnerabilities in Firefox and Thunderbird versions 139 that demonstrate evidence of memory corruption with potential for arbitrary code execution. The vulnerability affects Firefox < 140 and Thunderbird < 140, and requires network access but moderate attack complexity. While no active exploitation in the wild has been confirmed, the high CVSS score of 8.1 and memory corruption evidence indicate this is a critical patch requiring immediate deployment.

RCE Mozilla Buffer Overflow
NVD
EPSS 0% CVSS 8.1
HIGH PATCH This Week

CVE-2025-6435 is a file handling vulnerability in Firefox and Thunderbird's Developer Tools where saved network responses may lack the `.download` file extension, potentially allowing attackers to trick users into executing malicious executables. This affects Firefox versions below 140 and Thunderbird versions below 140. The vulnerability requires user interaction (saving and executing a file) but carries high severity (CVSS 8.1) due to potential for arbitrary code execution.

Mozilla File Upload
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

The exception page for the HTTPS-Only feature, displayed when a website is opened via HTTP, lacked an anti-clickjacking delay, potentially allowing an attacker to trick a user into granting an exception and loading a webpage over HTTP. This vulnerability affects Firefox < 140 and Thunderbird < 140.

XSS Mozilla
NVD
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

CVE-2025-6433 is a critical WebAuthn specification violation in Firefox and Thunderbird that allows attackers to present WebAuthn authentication challenges over non-secure TLS connections with user-granted exceptions. This bypasses the WebAuthn requirement for secure transport without errors, enabling credential theft and account compromise. Firefox < 140 and Thunderbird < 140 are affected; the network-based attack requires no privileges or user interaction beyond the initial certificate exception grant, resulting in a CVSS 9.8 critical rating.

Mozilla Information Disclosure
NVD
EPSS 0% CVSS 8.6
HIGH PATCH This Week

CVE-2025-6432 is a DNS proxy bypass vulnerability in Firefox and Thunderbird when Mozilla's Multi-Account Containers extension is enabled. Under specific conditions-invalid domain names or unresponsive SOCKS proxies-DNS requests circumvent the configured SOCKS proxy, potentially exposing user browsing activity to network monitoring. This affects Firefox < 140 and Thunderbird < 140, has a high CVSS score of 8.6 reflecting significant confidentiality impact, and requires network-level access but no user interaction to exploit.

Information Disclosure Mozilla
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

When a link can be opened in an external application, Firefox for Android will, by default, prompt the user before doing so. An attacker could have bypassed this prompt, potentially exposing the user to security vulnerabilities or privacy leaks in external applications. *This bug only affects Firefox for Android. Other versions of Firefox are unaffected.* This vulnerability affects Firefox < 140.

Mozilla Google Authentication Bypass
NVD
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

When a file download is specified via the `Content-Disposition` header, that directive would be ignored if the file was included via a `&lt;embed&gt;` or `&lt;object&gt;` tag, potentially making a website vulnerable to a cross-site scripting attack. This vulnerability affects Firefox < 140, Firefox ESR < 128.12, Thunderbird < 140, and Thunderbird < 128.12.

XSS Mozilla
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Firefox could have incorrectly parsed a URL and rewritten it to the youtube.com domain when parsing the URL specified in an `embed` tag. This could have bypassed website security checks that restricted which domains users were allowed to embed. This vulnerability affects Firefox < 140, Firefox ESR < 128.12, Thunderbird < 140, and Thunderbird < 128.12.

Authentication Bypass Mozilla
NVD
EPSS 0% CVSS 4.3
MEDIUM POC PATCH This Month

When a URL was provided in a link querystring parameter, Firefox for Android would follow that URL instead of the correct URL, potentially leading to phishing attacks. *This bug only affects Firefox for Android. Other versions of Firefox are unaffected.* This vulnerability affects Firefox < 140.

Google Mozilla Open Redirect
NVD
EPSS 0% CVSS 9.1
CRITICAL PATCH Act Now

A security vulnerability in Devtools. This vulnerability affects Firefox (CVSS 9.1). Critical severity with potential for significant impact on affected systems.

Mozilla Authentication Bypass
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

CVE-2025-6426 is a missing executable file warning vulnerability in Firefox and Thunderbird on macOS that fails to alert users before opening files with the 'terminal' extension, potentially allowing attackers to execute arbitrary code. This affects Firefox < 140, Firefox ESR < 128.12, Thunderbird < 140, and Thunderbird < 128.12 on macOS only. An attacker can leverage this to trick users into executing malicious terminal scripts by bypassing the security warning mechanism that normally prevents automatic execution of executable files.

Information Disclosure Mozilla Apple
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

An attacker who enumerated resources from the WebCompat extension could have obtained a persistent UUID that identified the browser, and persisted between containers and normal/private browsing mode, but not profiles. This vulnerability affects Firefox < 140, Firefox ESR < 115.25, Firefox ESR < 128.12, Thunderbird < 140, and Thunderbird < 128.12.

Information Disclosure Mozilla
NVD
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

A denial of service vulnerability (CVSS 9.8). Critical severity with potential for significant impact on affected systems.

Use After Free Mozilla Denial Of Service +1
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

A crafted HTML email using mailbox:/// links can trigger automatic, unsolicited downloads of .pdf files to the user's desktop or home directory without prompting, even if auto-saving is disabled. This behavior can be abused to fill the disk with garbage data (e.g. using /dev/urandom on Linux) or to leak Windows credentials via SMB links when the email is viewed in HTML mode. While user interaction is required to download the .pdf file, visual obfuscation can conceal the download trigger. Viewing the email in HTML mode is enough to load external content. This vulnerability affects Thunderbird < 128.11.1 and Thunderbird < 139.0.2.

Microsoft Mozilla Information Disclosure
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Local privilege escalation vulnerability in Mozilla VPN for macOS that allows an authenticated local user to escalate privileges from normal user to root. This affects Mozilla VPN versions below 2.28.0 on macOS exclusively. An attacker with local access can exploit this without user interaction to gain complete system control, making it a critical risk for multi-user systems or compromised local accounts.

Mozilla Privilege Escalation Apple
NVD
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

An integer overflow vulnerability exists in the OrderedHashTable component of Firefox's JavaScript engine, allowing remote attackers to achieve arbitrary code execution without requiring user interaction or elevated privileges. This critical flaw affects Firefox versions prior to 139.0.4 and carries a maximum CVSS score of 9.8, indicating severe real-world risk with network-based attack vectors requiring no user interaction.

Mozilla Integer Overflow Buffer Overflow
NVD
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

Critical memory corruption vulnerability in Firefox canvas operations that allows unauthenticated remote attackers to achieve arbitrary code execution with no user interaction required. Firefox versions prior to 139.0.4 are affected. The vulnerability has a near-perfect CVSS score of 9.8 due to network accessibility, low attack complexity, and complete compromise of confidentiality, integrity, and availability.

Mozilla Memory Corruption Buffer Overflow
NVD
EPSS 0% CVSS 7.3
HIGH PATCH This Week

Memory safety bugs present in Firefox 138 and Thunderbird 138. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow RCE +1
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Previewing a response in Devtools ignored CSP headers, which could have allowed content injection attacks. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Code Injection Mozilla
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

In certain cases, SNI could have been sent unencrypted even when encrypted DNS was enabled. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Mozilla
NVD
EPSS 0% CVSS 8.1
HIGH PATCH This Week

Memory safety bug present in Firefox ESR 128.10, and Thunderbird 128.10. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Memory Corruption Buffer Overflow RCE +1
NVD
EPSS 0% CVSS 8.1
HIGH PATCH This Week

Memory safety bugs present in Firefox 138, Thunderbird 138, Firefox ESR 128.10, and Thunderbird 128.10. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Buffer Overflow RCE Mozilla
NVD
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

A clickjacking vulnerability could have been used to trick a user into leaking saved payment card details to a malicious page. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Mozilla
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Script elements loading cross-origin resources generated load and error events which leaked information enabling XS-Leaks attacks. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Mozilla
NVD
EPSS 0% CVSS 4.8
MEDIUM PATCH This Month

Due to insufficient escaping of the ampersand character in the “Copy as cURL” feature, an attacker could trick a user into using this command, potentially leading to local code execution on the. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Command Injection RCE +1
NVD
EPSS 0% CVSS 4.8
MEDIUM PATCH This Month

Due to insufficient escaping of the newline character in the “Copy as cURL” feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. No vendor patch available.

Command Injection RCE Mozilla
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Error handling for script execution was incorrectly isolated from web content, which could have allowed cross-origin leak attacks. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Mozilla
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Month

A double-free could have occurred in `vpx_codec_enc_init_multi` after a failed allocation when initializing the encoder for WebRTC. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Mozilla Thunderbird +2
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Opening maliciously-crafted URLs in Firefox from other apps such as Safari could have allowed attackers to spoof website addresses if the URLs utilized non-HTTP schemes used internally by the Firefox. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Mozilla
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

An attacker was able to perform an out-of-bounds read or write on a JavaScript object by confusing array index sizes. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Mozilla
NVD
EPSS 1% CVSS 9.8
CRITICAL POC PATCH Act Now

An attacker was able to perform an out-of-bounds read or write on a JavaScript `Promise` object. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Buffer Overflow Mozilla
NVD
EPSS 1% CVSS 5.1
MEDIUM POC This Month

Open redirection vulnerability in IceWarp Mail Server affecting version 11.4.0. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Mozilla Mail Server +1
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

It was possible to craft an email that showed a tracking link as an attachment. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Mozilla
NVD
EPSS 0% CVSS 8.1
HIGH PATCH This Week

Thunderbird's handling of the X-Mozilla-External-Attachment-URL header can be exploited to execute JavaScript in the file:/// context. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Mozilla
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Thunderbird parses addresses in a way that can allow sender spoofing in case the server allows an invalid From address to be used. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Mozilla
NVD
EPSS 0% CVSS 8.1
HIGH PATCH This Week

Memory safety bug present in Firefox ESR 128.9, and Thunderbird 128.9. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Buffer Overflow RCE Mozilla
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Memory safety bugs present in Firefox 137 and Thunderbird 137. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Mozilla
NVD
Prev Page 5 of 30 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy