JIT Miscompilation in Firefox and Firefox ESR by Mozilla
CVE-2025-14325

Currently unrated

Key Information:

Vendor: Mozilla
Status: Firefox; Firefox Esr
Vendor: CVE Published:; 9 December 2025

What is CVE-2025-14325?

A vulnerability in the Just-In-Time (JIT) compilation component of Firefox's JavaScript Engine has been identified. This issue affects versions of Firefox prior to 146 and Firefox ESR prior to 140.6, potentially leading to unexpected behavior or exploitation through malicious scripts. Users are recommended to update their browsers to the latest versions to ensure security and functionality.

Affected Version(s)

Firefox < 146

Firefox ESR < 140.6

References

https://bugzilla.mozilla.org/show_bug.cgi?id=1998050

https://www.mozilla.org/security/advisories/mfsa2025-92/

https://www.mozilla.org/security/advisories/mfsa2025-94/

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 9, 2025
Vulnerability Reserved
Dec 9, 2025

Credit

JSON