Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Firefox — Vulnerabilities & Security Advisories 1243

All 1243 CVE vulnerabilities found in Firefox, with AI-generated Chinese analysis, references, and POCs.

Vendor: Mozilla

CVE IDTitleCVSSSeverityPublished
CVE-2025-6426 No warning when opening executable terminal files on macOS 8.8 -2025-06-24
CVE-2025-6429 Incorrect parsing of URLs could have allowed embedding of youtube.com 4.3 -2025-06-24
CVE-2025-6425 The WebCompat WebExtension shipped with Firefox exposed a persistent UUID 7.5 -2025-06-24
CVE-2025-6424 Use-after-free in FontFaceSet 9.8 -2025-06-24
CVE-2025-49709 Memory corruption in canvas surfaces 8.1AIHighAI2025-06-11
CVE-2025-49710 Integer overflow in OrderedHashTable 8.8AIHighAI2025-06-11
CVE-2025-5272 Memory safety bugs fixed in Firefox 139 and Thunderbird 139 9.8AICriticalAI2025-05-27
CVE-2025-5271 Devtools' preview ignored CSP headers 4.3AIMediumAI2025-05-27
CVE-2025-5270 SNI was sometimes unencrypted 7.5AIHighAI2025-05-27
CVE-2025-5269 Memory safety bug fixed in Firefox ESR 128.11 and Thunderbird 128.11 8.8AIHighAI2025-05-27
CVE-2025-5268 Memory safety bugs fixed in Firefox 139, Thunderbird 139, Firefox ESR 128.11, and Thunderbird 128.11 9.8AICriticalAI2025-05-27
CVE-2025-5267 Clickjacking vulnerability could have led to leaking saved payment card details 4.3AIMediumAI2025-05-27
CVE-2025-5266 Script element events leaked cross-origin resource status 6.5AIMediumAI2025-05-27
CVE-2025-5265 Potential local code execution in “Copy as cURL” command 7.8AIHighAI2025-05-27
CVE-2025-5264 Potential local code execution in “Copy as cURL” command 7.8AIHighAI2025-05-27
CVE-2025-5263 Error handling for script execution was incorrectly isolated from web content 6.5AIMediumAI2025-05-27
CVE-2025-4919 Out-of-bounds access when optimizing linear sums 8.8AIHighAI2025-05-17
CVE-2025-4918 Out-of-bounds access when resolving Promise objects 8.1AIHighAI2025-05-17
CVE-2025-4093 Memory safety bug fixed in Firefox ESR 128.10 and Thunderbird 128.10 8.8 -2025-04-29
CVE-2025-4092 Memory safety bugs fixed in Firefox 138 and Thunderbird 138 9.8 -2025-04-29
CVE-2025-4091 Memory safety bugs fixed in Firefox 138, Thunderbird 138, Firefox ESR 128.10, and Thunderbird 128.10 9.8 -2025-04-29
CVE-2025-4090 Leaked library paths in Thunderbird for Android 4.3 -2025-04-29
CVE-2025-4089 Potential local code execution in "copy as cURL" command 7.8 -2025-04-29
CVE-2025-4088 Cross-site request forgery via storage access API redirects 8.8 -2025-04-29
CVE-2025-4087 Unsafe attribute access during XPath parsing 9.8 -2025-04-29
CVE-2025-4086 Specially crafted filename could be used to obscure download type 4.3 -2025-04-29
CVE-2025-4085 Potential information leakage and privilege escalation in UITour actor 8.0 -2025-04-29
CVE-2025-4084 Potential local code execution in "copy as cURL" command 7.8 -2025-04-29
CVE-2025-4083 Process isolation bypass using "javascript:" URI links in cross-origin frames 10.0 -2025-04-29
CVE-2025-4082 WebGL shader attribute memory corruption in Thunderbird for macOS 8.8 -2025-04-29

All 1243 known CVE vulnerabilities affecting Firefox with full Chinese analysis, references, and POCs where available.