Memory Safety Bugs in Firefox and Thunderbird by Mozilla
CVE-2025-6436

Currently unrated

Key Information:

Vendor: Mozilla
Status: Firefox
Vendor: CVE Published:; 24 June 2025

What is CVE-2025-6436?

Mozilla's Firefox and Thunderbird have been found to contain memory safety bugs that can potentially lead to memory corruption. These vulnerabilities, affecting versions prior to 140, raise concerns as they may be leveraged to execute arbitrary code, posing a risk to users. Prompt updates to the latest versions are recommended to mitigate these vulnerabilities and safeguard your data.

Affected Version(s)

Firefox < 140

References

https://bugzilla.mozilla.org/buglist.cgi?bug_id=1941377%2...

https://www.mozilla.org/security/advisories/mfsa2025-51/

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 24, 2025
Vulnerability Reserved
Jun 20, 2025

Credit

Andrew McCreight, Gabriele Svelto, Beth Rennie (she/her), the Mozilla Fuzzing Team