Memory Safety Bugs in Firefox Browser by Mozilla
CVE-2025-14861

8.8HIGH

Key Information:

Vendor: Mozilla
Status: Firefox
Vendor: CVE Published:; 18 December 2025

What is CVE-2025-14861?

Memory safety bugs in Firefox versions earlier than 146.0.1 have been identified, potentially leading to memory corruption issues. With sufficient exploitation efforts, these vulnerabilities could enable arbitrary code execution, posing significant risks to user security. Mozilla has released a fix in version 146.0.1 to mitigate these issues, underscoring the importance of updating to ensure optimal protection against potential threats.

Affected Version(s)

Firefox < 146.0.1

References

https://bugzilla.mozilla.org/buglist.cgi?bug_id=1996570%2...

https://www.mozilla.org/security/advisories/mfsa2025-98/

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 18, 2025
Vulnerability Reserved
Dec 18, 2025

Credit

Andrew McCreight and the Mozilla Fuzzing Team

JSON