Race Condition Vulnerability in Mozilla Firefox Web Browser
CVE-2025-13012

7.5HIGH

Key Information:

Vendor: Mozilla
Status: Firefox; Firefox Esr; Thunderbird
Vendor: CVE Published:; 11 November 2025

What is CVE-2025-13012?

A race condition exists in the Graphics component of Mozilla Firefox. This vulnerability can occur under specific conditions, potentially leading to unexpected behavior or crashes in the affected versions. It impacts users running Firefox versions below 145 and Firefox ESR below 140.5 and 115.30. Prompt updates are recommended to mitigate potential risks associated with this vulnerability.

Affected Version(s)

Firefox < 145

Firefox ESR < 140.5

Firefox ESR < 115.30

References

https://bugzilla.mozilla.org/show_bug.cgi?id=1991458

https://www.mozilla.org/security/advisories/mfsa2025-87/

https://www.mozilla.org/security/advisories/mfsa2025-88/

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 11, 2025
Vulnerability Reserved
Nov 11, 2025

Credit

Irvan Kurniawan

JSON