| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-10859 | Data stored in cookies for non-HTML content while browsing Incognito could be viewed after closing private tabs | Mozilla | Firefox for iOS | - | - | 2025-09-30 12:49:07 | Deep Dive |
| CVE-2025-11152 | Sandbox escape due to integer overflow in the Graphics: Canvas2D component | Mozilla | Firefox | - | - | 2025-09-30 12:49:06 | Deep Dive |
| CVE-2025-10535 | Information disclosure, mitigation bypass in the Privacy component in Firefox for Android | Mozilla | Firefox | - | - | 2025-09-16 12:26:39 | Deep Dive |
| CVE-2025-10534 | Spoofing issue in the Site Permissions component | Mozilla | Firefox | - | - | 2025-09-16 12:26:39 | Deep Dive |
| CVE-2025-10290 | Opening links via the contextual menu in Focus for iOS would not update the toolbar UI correctly, allowing attackers to spoof websites | Mozilla | Focus for iOS | - | - | 2025-09-16 12:26:39 | Deep Dive |
| CVE-2025-10531 | Mitigation bypass in the Web Compatibility: Tooling component | Mozilla | Firefox | - | - | 2025-09-16 12:26:38 | Deep Dive |
| CVE-2025-10530 | Spoofing issue in the WebAuthn component in Firefox for Android | Mozilla | Firefox | - | - | 2025-09-16 12:26:38 | Deep Dive |
| CVE-2025-10537 | Memory safety bugs fixed in Firefox ESR 140.3, Thunderbird ESR 140.3, Firefox 143 and Thunderbird 143 | Mozilla | Firefox | - | - | 2025-09-16 12:26:37 | Deep Dive |
| CVE-2025-10536 | Information disclosure in the Networking: Cache component | Mozilla | Firefox | - | - | 2025-09-16 12:26:37 | Deep Dive |
| CVE-2025-10532 | Incorrect boundary conditions in the JavaScript: GC component | Mozilla | Firefox | - | - | 2025-09-16 12:26:36 | Deep Dive |
| CVE-2025-10529 | Same-origin policy bypass in the Layout component | Mozilla | Firefox | - | - | 2025-09-16 12:26:36 | Deep Dive |
| CVE-2025-10533 | Integer overflow in the SVG component | Mozilla | Firefox | - | - | 2025-09-16 12:26:35 | Deep Dive |
| CVE-2025-10528 | Sandbox escape due to undefined behavior, invalid pointer in the Graphics: Canvas2D component | Mozilla | Firefox | - | - | 2025-09-16 12:26:35 | Deep Dive |
| CVE-2025-10527 | Sandbox escape due to use-after-free in the Graphics: Canvas2D component | Mozilla | Firefox | - | - | 2025-09-16 12:26:35 | Deep Dive |
| CVE-2025-55033 | Drag and drop gestures in Focus for iOS could allow JavaScript links to be executed incorrectly | Mozilla | Focus for iOS | 中危 | - | 2025-08-19 20:52:51 | Deep Dive |
| CVE-2025-55032 | Focus incorrectly ignores Content-Disposition headers for some MIME types | Mozilla | Focus for iOS | 中危 | - | 2025-08-19 20:52:50 | Deep Dive |
| CVE-2025-55031 | Passkey phishing within Bluetooth range | Mozilla | Firefox for iOS | 超危 | - | 2025-08-19 20:52:50 | Deep Dive |
| CVE-2025-55029 | Malicious scripts could spam popups for denial of service attacks | Mozilla | Firefox for iOS | 高危 | - | 2025-08-19 20:52:50 | Deep Dive |
| CVE-2025-55030 | Content-Disposition headers incorrectly ignored for some MIME types | Mozilla | Firefox for iOS | 中危 | - | 2025-08-19 20:52:49 | Deep Dive |
| CVE-2025-55028 | JavaScript alerts could impede UI interaction or allow denial of service attacks | Mozilla | Firefox for iOS | 中危 | - | 2025-08-19 20:52:49 | Deep Dive |