Mozilla Firefox vulnerabilities
3,029 known vulnerabilities affecting mozilla/firefox.
Total CVEs: 3,029
CISA KEV: 15 (actively exploited)
Public exploits: 118
Exploited in wild: 20
Severity breakdown: CRITICAL 853, HIGH 879, MEDIUM 1228, LOW 69
Vulnerabilities
CVE-2025-55030 | MEDIUM | CVSS 6.1 | CWE-640 | fixed in 142.0 | 2025-08-19
Firefox for iOS would not respect a Content-Disposition header of type Attachment and would incorrectly display the content inline rather than downloading, potentially allowing for XSS attacks. This vulnerability was fixed in Firefox for iOS 142.
nvd
CVE-2025-55028 | MEDIUM | CVSS 6.5 | CWE-400 | fixed in 142.0 | 2025-08-19
Malicious scripts utilizing repetitive JavaScript alerts could prevent client user interaction in some scenarios and allow for denial of service attacks. This vulnerability was fixed in Firefox for iOS 142.
nvd
CVE-2025-8041 | MEDIUM | CVSS 5.3 | CWE-451 | fixed in 141.0 | 2025-08-19
In the address bar, Firefox for Android truncated the display of URLs from the end instead of prioritizing the origin. This vulnerability was fixed in Firefox 141.
nvd
CVE-2025-54144 | MEDIUM | CVSS 5.4 | CWE-601 | fixed in 141.0 | 2025-08-19
The URL scheme used by Firefox to facilitate searching of text queries could incorrectly allow attackers to open arbitrary website URLs or internal pages if a user was tricked into clicking a link. This vulnerability was fixed in Firefox for iOS 141.
nvd
CVE-2025-8031 | CRITICAL | CVSS 9.8 | CWE-276 | fixed in 128.13.0, 141.0, +1 more | 2025-07-22
The `username:password` part was not correctly stripped from URLs in CSP reports potentially leaking HTTP Basic Authentication credentials. This vulnerability was fixed in Firefox 141, Firefox ESR 128.13, Firefox ESR 140.1, Thunderbird 141, Thunderbird 128.13, and Thunderbird 140.1.
nvd
CVE-2025-8044 | CRITICAL | CVSS 9.8 | CWE-119 | fixed in 141.0 | 2025-07-22
Memory safety bugs present in Firefox 140 and Thunderbird 140. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 141 and Thunderbird 141.
nvd
CVE-2025-8038 | CRITICAL | CVSS 9.8 | CWE-345 | fixed in 140.1.0, 141.0 | 2025-07-22
Thunderbird ignored paths when checking the validity of navigations in a frame. This vulnerability was fixed in Firefox 141, Firefox ESR 140.1, Thunderbird 141, and Thunderbird 140.1.
nvd
CVE-2025-8028 | CRITICAL | CVSS 9.8 | CWE-1332 | fixed in 115.26.0, 141.0, +2 more | 2025-07-22
On arm64, a WASM `br_table` instruction with a lot of entries could lead to the label being too far from the instruction causing truncation and incorrect computation of the branch address. This vulnerability was fixed in Firefox 141, Firefox ESR 115.26, Firefox ESR 128.13, Firefox ESR 140.1, Thunderbird 141, Thunderbird 128.13, and Thunderbird 140.1
nvd
CVE-2025-8043 | CRITICAL | CVSS 9.8 | CWE-451 | fixed in 141.0 | 2025-07-22
Focus incorrectly truncated URLs towards the beginning instead of around the origin. This vulnerability was fixed in Firefox 141.
nvd
CVE-2025-8037 | CRITICAL | CVSS 9.1 | CWE-614 | fixed in 140.1, 141.0 | 2025-07-22
Setting a nameless cookie with an equals sign in the value shadowed other cookies, even if the nameless cookie was set over HTTP and the shadowed cookie included the `Secure` attribute. This vulnerability was fixed in Firefox 141, Firefox ESR 140.1, Thunderbird 141, and Thunderbird 140.1.
nvd
CVE-2025-8040 | HIGH | CVSS 8.8 | CWE-119 | fixed in 140.1, 141.0 | 2025-07-22
Memory safety bugs present in Firefox ESR 140.0, Thunderbird ESR 140.0, Firefox 140 and Thunderbird 140. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 141, Firefox ESR 140.1, Thunderbird 141, and Thunderb
nvd
CVE-2025-8034 | HIGH | CVSS 8.8 | CWE-119 | fixed in 115.26.0, 141.0, +2 more | 2025-07-22
Memory safety bugs present in Firefox ESR 115.25, Firefox ESR 128.12, Thunderbird ESR 128.12, Firefox ESR 140.0, Thunderbird ESR 140.0, Firefox 140 and Thunderbird 140. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed
nvd
CVE-2025-8039 | HIGH | CVSS 8.1 | CWE-200 | fixed in 140.1, 141.0 | 2025-07-22
In some cases search terms persisted in the URL bar even after navigating away from the search page. This vulnerability was fixed in Firefox 141, Firefox ESR 140.1, Thunderbird 141, and Thunderbird 140.1.
nvd
CVE-2025-8036 | HIGH | CVSS 8.1 | CWE-350 | fixed in 140.1.0, 141.0 | 2025-07-22
Thunderbird cached CORS preflight responses across IP address changes. This allowed circumventing CORS with DNS rebinding. This vulnerability was fixed in Firefox 141, Firefox ESR 140.1, Thunderbird 141, and Thunderbird 140.1.
nvd
CVE-2025-8030 | HIGH | CVSS 8.1 | CWE-94 | fixed in 128.13.0, 141.0, +1 more | 2025-07-22
Insufficient escaping in the “Copy as cURL” feature could potentially be used to trick a user into executing unexpected code. This vulnerability was fixed in Firefox 141, Firefox ESR 128.13, Firefox ESR 140.1, Thunderbird 141, Thunderbird 128.13, and Thunderbird 140.1.
nvd
CVE-2025-8029 | HIGH | CVSS 8.1 | CWE-80 | fixed in 128.13.0, 141.0, +1 more | 2025-07-22
Thunderbird executed `javascript:` URLs when used in `object` and `embed` tags. This vulnerability was fixed in Firefox 141, Firefox ESR 128.13, Firefox ESR 140.1, Thunderbird 141, Thunderbird 128.13, and Thunderbird 140.1.
nvd
CVE-2025-8035 | HIGH | CVSS 8.8 | CWE-119 | fixed in 128.13.0, 141.0, +1 more | 2025-07-22
Memory safety bugs present in Firefox ESR 128.12, Thunderbird ESR 128.12, Firefox ESR 140.0, Thunderbird ESR 140.0, Firefox 140 and Thunderbird 140. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 141, Fir
nvd
CVE-2025-8032 | HIGH | CVSS 8.1 | CWE-693 | fixed in 128.13.0, 141.0, +1 more | 2025-07-22
XSLT document loading did not correctly propagate the source document which bypassed its CSP. This vulnerability was fixed in Firefox 141, Firefox ESR 128.13, Firefox ESR 140.1, Thunderbird 141, Thunderbird 128.13, and Thunderbird 140.1.
nvd
CVE-2025-8027 | MEDIUM | CVSS 6.5 | CWE-457 | fixed in 115.26.0, 141.0, +2 more | 2025-07-22
On 64-bit platforms IonMonkey-JIT only wrote 32 bits of the 64-bit return value space on the stack. Baseline-JIT, however, read the entire 64 bits. This vulnerability was fixed in Firefox 141, Firefox ESR 115.26, Firefox ESR 128.13, Firefox ESR 140.1, Thunderbird 141, Thunderbird 128.13, and Thunderbird 140.1.
nvd
CVE-2025-8033 | MEDIUM | CVSS 6.5 | CWE-476 | fixed in 115.26.0, 141.0, +2 more | 2025-07-22
The JavaScript engine did not handle closed generators correctly and it was possible to resume them leading to a nullptr deref. This vulnerability was fixed in Firefox 141, Firefox ESR 115.26, Firefox ESR 128.13, Firefox ESR 140.1, Thunderbird 141, Thunderbird 128.13, and Thunderbird 140.1.
nvd