External Application Prompt Bypass in Firefox for Android
CVE-2025-6431

Currently unrated

Key Information:

Vendor: Mozilla
Status: Firefox
Vendor: CVE Published:; 24 June 2025

What is CVE-2025-6431?

A security flaw in Firefox for Android allows an attacker to bypass the user prompt when opening links in external applications. This flaw could potentially lead to exposure of sensitive information or privacy breaches as users may unknowingly allow harmful applications access to their data. The vulnerability specifically affects versions of Firefox for Android prior to version 140, while other Firefox platforms remain unaffected. Users are encouraged to update their browsers to safeguard against potential exploitation.

Affected Version(s)

Firefox < 140

References

https://bugzilla.mozilla.org/show_bug.cgi?id=1942716

https://www.mozilla.org/security/advisories/mfsa2025-51/

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 24, 2025
Vulnerability Reserved
Jun 20, 2025

Credit

Umar Farooq

Mozilla

What is CVE-2025-6431?

Affected Version(s)

References

Timeline

Credit