Memory Safety Vulnerabilities in Mozilla Firefox and Thunderbird Products
CVE-2025-14333

Currently unrated

Key Information:

Vendor

Mozilla
Status
Firefox
Firefox Esr
Vendor
CVE Published:
9 December 2025

What is CVE-2025-14333?

Recent memory safety issues in Mozilla's Firefox and Thunderbird products have been identified, notably in versions 140.5 and 145. These vulnerabilities may lead to memory corruption, posing a potential risk of arbitrary code execution. Users are advised to upgrade to updated versions, specifically Firefox ESR 140.6 and Thunderbird ESR 140.6 or later, to mitigate the risks associated with these vulnerabilities.

Affected Version(s)

Firefox < 146

Firefox ESR < 140.6

References

https://bugzilla.mozilla.org/buglist.cgi?bug_id=1966501%2...
https://www.mozilla.org/security/advisories/mfsa2025-92/
https://www.mozilla.org/security/advisories/mfsa2025-94/

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Maurice Dauer and the Mozilla Fuzzing Team
JSON
.
CVE-2025-14333 : Memory Safety Vulnerabilities in Mozilla Firefox and Thunderbird Products