External Application Prompt Bypass in Firefox for Android
CVE-2025-6431

6.5MEDIUM

Key Information:

Vendor: Mozilla
Status: Firefox
Vendor: CVE Published:; 24 June 2025

What is CVE-2025-6431?

A security flaw in Firefox for Android allows an attacker to bypass the user prompt when opening links in external applications. This flaw could potentially lead to exposure of sensitive information or privacy breaches as users may unknowingly allow harmful applications access to their data. The vulnerability specifically affects versions of Firefox for Android prior to version 140, while other Firefox platforms remain unaffected. Users are encouraged to update their browsers to safeguard against potential exploitation.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Firefox < 140

References

https://bugzilla.mozilla.org/show_bug.cgi?id=1942716

https://www.mozilla.org/security/advisories/mfsa2025-51/

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jun 24, 2025
Vulnerability Reserved
Jun 20, 2025

Credit

Umar Farooq

JSON

Mozilla

What is CVE-2025-6431?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Credit

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.