Memory Safety Vulnerabilities in Firefox and Thunderbird by Mozilla
CVE-2025-9184

8.1HIGH

Key Information:

Vendor: Mozilla
Status: Firefox; Firefox Esr; Thunderbird
Vendor: CVE Published:; 19 August 2025

What is CVE-2025-9184?

Memory safety issues have been detected in Firefox and Thunderbird, particularly in versions prior to 142 and 140.2 respectively. These vulnerabilities manifest as memory corruption bugs, which could potentially be leveraged for arbitrary code execution if exploited. Users are urged to upgrade to the latest versions, as updates in Firefox ESR 140.2 and Thunderbird ESR 140.2 address these security flaws, mitigating risks associated with these vulnerabilities.

Affected Version(s)

Firefox < 142

Firefox ESR < 140.2

Thunderbird < 142

References

https://bugzilla.mozilla.org/buglist.cgi?bug_id=1929482%2...

https://www.mozilla.org/security/advisories/mfsa2025-64/

https://www.mozilla.org/security/advisories/mfsa2025-67/

CVSS V3.1

Score:

8.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 19, 2025
Vulnerability Reserved
Aug 19, 2025

Credit

Paul Bone, Ryan VanderMeulen and the Mozilla Fuzzing Team