Remote Code Execution Vulnerability in Firefox by Mozilla
CVE-2025-10531

5.4MEDIUM

Key Information:

Vendor: Mozilla
Status: Firefox; Thunderbird
Vendor: CVE Published:; 16 September 2025

What is CVE-2025-10531?

A security vulnerability has been identified in Firefox versions prior to 143, which may allow attackers to execute arbitrary code on the affected systems, potentially leading to unauthorized actions. Users are encouraged to update to the latest version to ensure their systems remain secure.

Affected Version(s)

Firefox < 143

Thunderbird < 143

References

https://bugzilla.mozilla.org/show_bug.cgi?id=1978453

https://www.mozilla.org/security/advisories/mfsa2025-73/

https://www.mozilla.org/security/advisories/mfsa2025-77/

CVSS V3.1

Score:

5.4

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 16, 2025
Vulnerability Reserved
Sep 16, 2025

Credit

Nikolaos Mourousias

JSON