| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-11718 | Address bar could be spoofed on Android using visibilitychange | Mozilla | Firefox | - | - | 2025-10-14 12:27:38 | Deep Dive |
| CVE-2025-11717 | The password edit screen was not hidden in Android card view | Mozilla | Firefox | - | - | 2025-10-14 12:27:38 | Deep Dive |
| CVE-2025-11721 | Memory safety bug fixed in Firefox 144 and Thunderbird 144 | Mozilla | Firefox | - | - | 2025-10-14 12:27:37 | Deep Dive |
| CVE-2025-11719 | Use-after-free caused by the native messaging web extension API on Windows | Mozilla | Firefox | - | - | 2025-10-14 12:27:37 | Deep Dive |
| CVE-2025-11716 | Sandboxed iframes allowed links to open in external apps (Android only) | Mozilla | Firefox | - | - | 2025-10-14 12:27:37 | Deep Dive |
| CVE-2025-11712 | An OBJECT tag type attribute overrode browser behavior on web resources without a content-type | Mozilla | Firefox | - | - | 2025-10-14 12:27:36 | Deep Dive |
| CVE-2025-11713 | Potential user-assisted code execution in “Copy as cURL” command | Mozilla | Firefox | - | - | 2025-10-14 12:27:36 | Deep Dive |
| CVE-2025-11715 | Memory safety bugs fixed in Firefox ESR 140.4, Thunderbird ESR 140.4, Firefox 144 and Thunderbird 144 | Mozilla | Firefox | - | - | 2025-10-14 12:27:36 | Deep Dive |
| CVE-2025-11708 | Use-after-free in MediaTrackGraphImpl::GetInstance() | Mozilla | Firefox | - | - | 2025-10-14 12:27:35 | Deep Dive |
| CVE-2025-11714 | Memory safety bugs fixed in Firefox ESR 115.29, Firefox ESR 140.4, Thunderbird ESR 140.4, Firefox 144 and Thunderbird 144 | Mozilla | Firefox | - | - | 2025-10-14 12:27:35 | Deep Dive |
| CVE-2025-11709 | Out of bounds read/write in a privileged process triggered by WebGL textures | Mozilla | Firefox | - | - | 2025-10-14 12:27:34 | Deep Dive |
| CVE-2025-11710 | Cross-process information leaked due to malicious IPC messages | Mozilla | Firefox | - | - | 2025-10-14 12:27:34 | Deep Dive |
| CVE-2025-11711 | Some non-writable Object properties could be modified | Mozilla | Firefox | - | - | 2025-10-14 12:27:34 | Deep Dive |
| CVE-2025-11153 | JIT miscompilation in the JavaScript Engine: JIT component | Mozilla | Firefox | - | - | 2025-09-30 12:49:07 | Deep Dive |
| CVE-2025-10859 | Data stored in cookies for non-HTML content while browsing Incognito could be viewed after closing private tabs | Mozilla | Firefox for iOS | - | - | 2025-09-30 12:49:07 | Deep Dive |
| CVE-2025-11152 | Sandbox escape due to integer overflow in the Graphics: Canvas2D component | Mozilla | Firefox | - | - | 2025-09-30 12:49:06 | Deep Dive |
| CVE-2025-10534 | Spoofing issue in the Site Permissions component | Mozilla | Firefox | - | - | 2025-09-16 12:26:39 | Deep Dive |
| CVE-2025-10535 | Information disclosure, mitigation bypass in the Privacy component in Firefox for Android | Mozilla | Firefox | - | - | 2025-09-16 12:26:39 | Deep Dive |
| CVE-2025-10530 | Spoofing issue in the WebAuthn component in Firefox for Android | Mozilla | Firefox | - | - | 2025-09-16 12:26:38 | Deep Dive |
| CVE-2025-10531 | Mitigation bypass in the Web Compatibility: Tooling component | Mozilla | Firefox | - | - | 2025-09-16 12:26:38 | Deep Dive |