Memory Safety Issues in Firefox and Thunderbird Products by Mozilla
CVE-2025-14332

7.3HIGH

Key Information:

Vendor: Mozilla
Status: Firefox; Thunderbird
Vendor: CVE Published:; 9 December 2025

What is CVE-2025-14332?

Memory safety vulnerabilities have been identified in Mozilla's Firefox and Thunderbird versions 145, which exhibit signs of memory corruption. If exploited, these bugs could potentially allow attackers to execute arbitrary code on affected systems. The vulnerabilities underscore the importance of keeping software up to date, as they have been addressed in Firefox and Thunderbird version 146. Users are advised to update their browsers to mitigate risks associated with these memory safety issues.

Affected Version(s)

Firefox < 146

Thunderbird < 146

References

https://bugzilla.mozilla.org/buglist.cgi?bug_id=1963153%2...

https://www.mozilla.org/security/advisories/mfsa2025-92/

https://www.mozilla.org/security/advisories/mfsa2025-95/

CVSS V3.1

Score:

7.3

Severity:

HIGH

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 9, 2025
Vulnerability Reserved
Dec 9, 2025

Credit

Jon Coppeard, Maurice Dauer and the Mozilla Fuzzing Team

JSON