CVE-2025-8039 — Sensitive Information Exposure in Mozilla Firefox

CWE-200 — Sensitive Information Exposure11 documents8 sources

Severity

8.1HIGHNVD

EPSS

0.1%

top 78.69%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mozilla Firefox Mozilla Thunderbird

Timeline

PublishedJul 22

Latest updateFeb 2

Description

In some cases search terms persisted in the URL bar even after navigating away from the search page. This vulnerability was fixed in Firefox 141, Firefox ESR 140.1, Thunderbird 141, and Thunderbird 140.1.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:NExploitability: 2.8 | Impact: 5.2

Affected Packages3 packages

▶NVDmozilla/firefox< 140.1+1

▶NVDmozilla/thunderbird< 140.1+1

▶Ubuntumozilla/thunderbird< 1:140.7.1+build1-0ubuntu0.22.04.1

🔴Vulnerability Details

CVEList

Search terms persisted in URL bar↗2025-07-22

▶

OSV

CVE-2025-8039: In some cases search terms persisted in the URL bar even after navigating away from the search page↗2025-07-22

▶

GHSA

GHSA-gg2x-qqv2-xfhc: In some cases search terms persisted in the URL bar even after navigating away from the search page↗2025-07-22

▶

📋Vendor Advisories

Ubuntu

Thunderbird vulnerabilities↗2026-02-02

▶

Red Hat

firefox: Search terms persisted in URL bar↗2025-07-22

▶

Debian

CVE-2025-8039: firefox - In some cases search terms persisted in the URL bar even after navigating away f...↗2025

▶

Mozilla

Mozilla Foundation Security Advisory 2025-59: CVE-2025-8039↗

▶

Mozilla

Mozilla Foundation Security Advisory 2025-63: CVE-2025-8039↗

▶