| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-13015 | Spoofing issue in Firefox | Mozilla | Firefox | 低危 | - | 2025-11-11 15:47:13 | Deep Dive |
| CVE-2025-13013 | Mitigation bypass in the DOM: Core & HTML component | Mozilla | Firefox | 中危 | - | 2025-11-11 15:47:12 | Deep Dive |
| CVE-2025-13014 | Use-after-free in the Audio/Video component | Mozilla | Firefox | 中危 | - | 2025-11-11 15:47:12 | Deep Dive |
| CVE-2025-13012 | Race condition in the Graphics component | Mozilla | Firefox | 高危 | - | 2025-11-11 15:47:11 | Deep Dive |
| CVE-2025-12380 | Use-after-free in WebGPU internals triggered from a compromised child process | Mozilla | Firefox | - | - | 2025-10-28 14:06:35 | Deep Dive |
| CVE-2025-11717 | The password edit screen was not hidden in Android card view | Mozilla | Firefox | - | - | 2025-10-14 12:27:38 | Deep Dive |
| CVE-2025-11718 | Address bar could be spoofed on Android using visibilitychange | Mozilla | Firefox | - | - | 2025-10-14 12:27:38 | Deep Dive |
| CVE-2025-11720 | Spoofing risk in Android custom tabs | Mozilla | Firefox | - | - | 2025-10-14 12:27:38 | Deep Dive |
| CVE-2025-11716 | Sandboxed iframes allowed links to open in external apps (Android only) | Mozilla | Firefox | - | - | 2025-10-14 12:27:37 | Deep Dive |
| CVE-2025-11719 | Use-after-free caused by the native messaging web extension API on Windows | Mozilla | Firefox | - | - | 2025-10-14 12:27:37 | Deep Dive |
| CVE-2025-11721 | Memory safety bug fixed in Firefox 144 and Thunderbird 144 | Mozilla | Firefox | - | - | 2025-10-14 12:27:37 | Deep Dive |
| CVE-2025-11713 | Potential user-assisted code execution in “Copy as cURL” command | Mozilla | Firefox | - | - | 2025-10-14 12:27:36 | Deep Dive |
| CVE-2025-11715 | Memory safety bugs fixed in Firefox ESR 140.4, Thunderbird ESR 140.4, Firefox 144 and Thunderbird 144 | Mozilla | Firefox | - | - | 2025-10-14 12:27:36 | Deep Dive |
| CVE-2025-11712 | An OBJECT tag type attribute overrode browser behavior on web resources without a content-type | Mozilla | Firefox | - | - | 2025-10-14 12:27:36 | Deep Dive |
| CVE-2025-11708 | Use-after-free in MediaTrackGraphImpl::GetInstance() | Mozilla | Firefox | - | - | 2025-10-14 12:27:35 | Deep Dive |
| CVE-2025-11714 | Memory safety bugs fixed in Firefox ESR 115.29, Firefox ESR 140.4, Thunderbird ESR 140.4, Firefox 144 and Thunderbird 144 | Mozilla | Firefox | - | - | 2025-10-14 12:27:35 | Deep Dive |
| CVE-2025-11710 | Cross-process information leaked due to malicious IPC messages | Mozilla | Firefox | - | - | 2025-10-14 12:27:34 | Deep Dive |
| CVE-2025-11711 | Some non-writable Object properties could be modified | Mozilla | Firefox | - | - | 2025-10-14 12:27:34 | Deep Dive |
| CVE-2025-11709 | Out of bounds read/write in a privileged process triggered by WebGL textures | Mozilla | Firefox | - | - | 2025-10-14 12:27:34 | Deep Dive |
| CVE-2025-11153 | JIT miscompilation in the JavaScript Engine: JIT component | Mozilla | Firefox | - | - | 2025-09-30 12:49:07 | Deep Dive |