Memory Safety Vulnerabilities in Firefox and Thunderbird by Mozilla
CVE-2025-11715

Currently unrated

Key Information:

Vendor: Mozilla
Status: Firefox; Firefox Esr; Thunderbird
Vendor: CVE Published:; 14 October 2025

What is CVE-2025-11715?

Several memory safety bugs have been identified in Firefox ESR 140.3, Thunderbird ESR 140.3, Firefox 143, and Thunderbird 143. These bugs indicate potential memory corruption flaws, which, with sufficient effort, could allow attackers to run arbitrary code. Affected versions are Firefox below 144, Firefox ESR below 140.4, Thunderbird below 144, and Thunderbird ESR below 140.4. It's essential for users to update to the latest versions to mitigate these risks.

Affected Version(s)

Firefox < 144

Firefox ESR < 140.4

Thunderbird < 144

References

https://bugzilla.mozilla.org/buglist.cgi?bug_id=1983838%2...

https://www.mozilla.org/security/advisories/mfsa2025-81/

https://www.mozilla.org/security/advisories/mfsa2025-83/

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 14, 2025
Vulnerability Reserved
Oct 13, 2025

Credit

The Mozilla Fuzzing Team

JSON