CVE-2025-11721
published 2025-10-14CVE-2025-11721: Memory safety bug present in Firefox 143 and Thunderbird 143. This bug showed evidence of memory corruption and we presume that with enough effort this could…
critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
Memory safety bug present in Firefox 143 and Thunderbird 143. This bug showed evidence of memory corruption and we presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 144 and Thunderbird 144.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | firefox | < firefox 144.0-1 (sid) | firefox 144.0-1 (sid) |
| mozilla | firefox | — | — |
| mozilla | firefox | >= 143.0 < 144.0 | 144.0 |
| mozilla | thunderbird | >= 143.0 < 144.0 | 144.0 |
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
osv9.8CRITICAL