Memory Safety Vulnerabilities in Firefox and Thunderbird by Mozilla
CVE-2025-8035

Currently unrated

Key Information:

Vendor: Mozilla
Status: Firefox; Firefox Esr; Thunderbird
Vendor: CVE Published:; 22 July 2025

What is CVE-2025-8035?

The vulnerability affecting Mozilla's Firefox and Thunderbird is associated with memory safety bugs that can potentially lead to memory corruption. These flaws are present in certain versions of Firefox and Thunderbird, specifically in the ESR 128.12 and 140.0 series, which could allow attackers to execute arbitrary code with sufficient effort. Users are strongly advised to update to the latest versions, as Mozilla has addressed these issues in the most recent releases.

Affected Version(s)

Firefox < 141

Firefox ESR < 128.13

Firefox ESR < 140.1

References

https://bugzilla.mozilla.org/buglist.cgi?bug_id=1975961%2...

https://www.mozilla.org/security/advisories/mfsa2025-56/

https://www.mozilla.org/security/advisories/mfsa2025-58/

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 22, 2025
Vulnerability Reserved
Jul 22, 2025

Credit

the Mozilla Fuzzing Team