Executable File Warning Bypass in Firefox for macOS
CVE-2025-6426

Currently unrated

Key Information:

Vendor: Mozilla
Status: Firefox; Firefox Esr
Vendor: CVE Published:; 24 June 2025

What is CVE-2025-6426?

A security flaw in Firefox for macOS fails to properly warn users about opening files with the terminal extension, potentially allowing malicious files to be executed without warning. This issue is limited to specific versions of Firefox and does not affect other platforms or versions. Users are encouraged to update to the latest versions to mitigate risks associated with this vulnerability.

Affected Version(s)

Firefox < 140

Firefox ESR < 128.12

References

https://bugzilla.mozilla.org/show_bug.cgi?id=1964385

https://www.mozilla.org/security/advisories/mfsa2025-51/

https://www.mozilla.org/security/advisories/mfsa2025-53/

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 24, 2025
Vulnerability Reserved
Jun 20, 2025

Credit

pwn2car

Mozilla

What is CVE-2025-6426?

Affected Version(s)

References

Timeline

Credit