JIT Miscompilation in Firefox Affects Mozilla Products
CVE-2025-14324

Currently unrated

Key Information:

Vendor: Mozilla
Status: Firefox; Firefox Esr
Vendor: CVE Published:; 9 December 2025

What is CVE-2025-14324?

A JIT miscompilation vulnerability identified in the JavaScript Engine of Firefox may lead to undefined behavior. This flaw impacts various versions of Firefox, including the standard version prior to 146 and the Extended Support Release versions below 115.31 and 140.6. Users are advised to update their browsers to mitigate potential risks associated with this vulnerability, as it can interfere with the execution of JavaScript, posing security concerns that need to be addressed.

Affected Version(s)

Firefox < 146

Firefox ESR < 115.31

Firefox ESR < 140.6

References

https://bugzilla.mozilla.org/show_bug.cgi?id=1996840

https://www.mozilla.org/security/advisories/mfsa2025-92/

https://www.mozilla.org/security/advisories/mfsa2025-93/

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 9, 2025
Vulnerability Reserved
Dec 9, 2025

Credit

Lingming Zhang

JSON