| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-4092 | Memory safety bugs fixed in Firefox 138 and Thunderbird 138 | Mozilla | Firefox | 高危 | - | 2025-04-29 13:13:49 | Deep Dive |
| CVE-2025-4091 | Memory safety bugs fixed in Firefox 138, Thunderbird 138, Firefox ESR 128.10, and Thunderbird 128.10 | Mozilla | Firefox | 高危 | - | 2025-04-29 13:13:48 | Deep Dive |
| CVE-2025-4090 | Leaked library paths in Thunderbird for Android | Mozilla | Firefox | 低危 | - | 2025-04-29 13:13:47 | Deep Dive |
| CVE-2025-4089 | Potential local code execution in "copy as cURL" command | Mozilla | Firefox | 中危 | - | 2025-04-29 13:13:45 | Deep Dive |
| CVE-2025-4088 | Cross-site request forgery via storage access API redirects | Mozilla | Firefox | 中危 | - | 2025-04-29 13:13:44 | Deep Dive |
| CVE-2025-4087 | Unsafe attribute access during XPath parsing | Mozilla | Firefox | 高危 | - | 2025-04-29 13:13:42 | Deep Dive |
| CVE-2025-4086 | Specially crafted filename could be used to obscure download type | Mozilla | Firefox | 中危 | - | 2025-04-29 13:13:41 | Deep Dive |
| CVE-2025-4085 | Potential information leakage and privilege escalation in UITour actor | Mozilla | Firefox | 中危 | - | 2025-04-29 13:13:39 | Deep Dive |
| CVE-2025-4084 | Potential local code execution in "copy as cURL" command | Mozilla | Firefox | 中危 | - | 2025-04-29 13:13:38 | Deep Dive |
| CVE-2025-4083 | Process isolation bypass using "javascript:" URI links in cross-origin frames | Mozilla | Firefox | 高危 | - | 2025-04-29 13:13:37 | Deep Dive |
| CVE-2025-4082 | WebGL shader attribute memory corruption in Thunderbird for macOS | Mozilla | Firefox | 高危 | - | 2025-04-29 13:13:35 | Deep Dive |
| CVE-2025-2817 | Privilege escalation in Thunderbird Updater | Mozilla | Firefox | 高危 | - | 2025-04-29 13:13:34 | Deep Dive |
| CVE-2025-3523 | User Interface (UI) Misrepresentation of attachment URL | Mozilla | Thunderbird | - | - | 2025-04-15 15:06:14 | Deep Dive |
| CVE-2025-2830 | Information Disclosure of /tmp directory listing | Mozilla | Thunderbird | - | - | 2025-04-15 15:06:14 | Deep Dive |
| CVE-2025-3522 | Leak of hashed Window credentials via crafted attachment URL | Mozilla | Thunderbird | - | - | 2025-04-15 15:06:14 | Deep Dive |
| CVE-2025-3034 | Memory safety bugs fixed in Firefox 137 and Thunderbird 137 | Mozilla | Firefox | 高危 | - | 2025-04-01 12:29:06 | Deep Dive |
| CVE-2025-3033 | Opening local .url files could lead to another file being opened | Mozilla | Firefox | 高危 | - | 2025-04-01 12:29:04 | Deep Dive |
| CVE-2025-3032 | Leaking file descriptors from the fork server | Mozilla | Firefox | 高危 | - | 2025-04-01 12:29:03 | Deep Dive |
| CVE-2025-3031 | JIT optimization bug with different stack slot sizes | Mozilla | Firefox | 中危 | - | 2025-04-01 12:29:02 | Deep Dive |
| CVE-2025-3030 | Memory safety bugs fixed in Firefox 137, Thunderbird 137, Firefox ESR 128.9, and Thunderbird 128.9 | Mozilla | Firefox | 高危 | - | 2025-04-01 12:29:01 | Deep Dive |