Critical Vulnerability Information

CVE-2025-6424: Use-after-free in FontFaceSet
Impact: Low
Description: A use-after-free vulnerability exists in FontFaceSet, potentially leading to memory corruption.

CVE-2025-6425: The WebCompat WebExtension shipped with Firefox exposed a persistent UUID
Impact: Medium
Description: The WebCompat WebExtension bundled with Firefox exposes a persistent UUID, which could be used to identify users and track them across sessions.

CVE-2025-6426: No warning when opening executable terminal files on macOS
Impact: Medium
Description: On macOS, no warning is displayed when opening executable terminal files, so a user could unknowingly run malicious code.

CVE-2025-6427: connect-src Content Security Policy restriction could be bypassed
Impact: Medium
Description: Attackers could bypass the restriction imposed by the connect-src directive of a Content Security Policy, leading to potential security risks.

CVE-2025-6428: Firefox for Android opened URLs specified in a link querystring parameter
Impact: Medium
Description: Firefox for Android incorrectly parses URLs provided as a link querystring parameter, leading to a bypass of security checks.

CVE-2025-6429: Incorrect parsing of URLs could have allowed embedding of youtube.com
Impact: Low
Description: Incorrect URL parsing could allow embedding of youtube.com, bypassing security checks.

CVE-2025-6430: Content-Disposition header ignored when a file is included in an embed or object tag
Impact: Medium
Description: The Content-Disposition header is ignored when a file is included within an embed or object tag, potentially leading to unintended file handling behavior.

CVE-2025-6431: The prompt in Firefox for Android that asks before opening a link in an external application could be bypassed
Impact: Medium
Description: Attackers could bypass the prompt in Firefox for Android that asks before opening a link in an external application, leading to potential security risks.

CVE-2025-6432: DNS requests leaked outside of a configured SOCKS proxy
Impact: Medium
Description: When a SOCKS proxy is configured, DNS requests may leak outside the proxy, potentially leading to information disclosure.

CVE-2025-6433: WebAuthn would allow a user to sign a challenge on a webpage with an invalid TLS certificate
Impact: Medium
Description: WebAuthn allows users to sign challenges on webpages with invalid TLS certificates, violating the security requirements of the Transport Layer Security protocol.

CVE-2025-6434: HTTPS-Only exception screen lacked anti-clickjacking delay
Impact: Low
Description: The HTTPS-Only exception screen lacks an anti-clickjacking delay, potentially enabling clickjacking attacks.

CVE-2025-6435: "Save as" in Devtools could download files without sanitizing the extension
Impact: Low
Description: In Devtools, saving files without sanitizing the file extension could lead to malicious file downloads.

CVE-2025-6436: Memory safety bugs fixed in Firefox 140 and Thunderbird 140
Impact: High
Description: Multiple memory safety vulnerabilities in Firefox 140 and Thunderbird 140 have been fixed; these could lead to memory corruption and potential remote code execution.