Spoofing Vulnerability in Firefox Browser by Mozilla
CVE-2025-9183

6.5MEDIUM

Key Information:

Vendor: Mozilla
Status: Firefox; Firefox Esr
Vendor: CVE Published:; 19 August 2025

What is CVE-2025-9183?

A spoofing vulnerability has been identified in the Address Bar component of Firefox, impacting versions below 142 and Firefox ESR below 140.2. This flaw could allow attackers to mislead users regarding the authenticity of URLs displayed in the Address Bar, potentially leading to phishing attacks and other security threats. Users are advised to update to the latest versions of Firefox to mitigate risks associated with this vulnerability.

Affected Version(s)

Firefox < 142

Firefox ESR < 140.2

References

https://bugzilla.mozilla.org/show_bug.cgi?id=1976102

https://www.mozilla.org/security/advisories/mfsa2025-64/

https://www.mozilla.org/security/advisories/mfsa2025-67/

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 19, 2025
Vulnerability Reserved
Aug 19, 2025

Credit

Renwa