| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-5269 | Memory safety bug fixed in Firefox ESR 128.11 and Thunderbird 128.11 | Mozilla | Firefox | - | - | 2025-05-27 12:29:28 | Deep Dive |
| CVE-2025-5268 | Memory safety bugs fixed in Firefox 139, Thunderbird 139, Firefox ESR 128.11, and Thunderbird 128.11 | Mozilla | Firefox | - | - | 2025-05-27 12:29:27 | Deep Dive |
| CVE-2025-5267 | Clickjacking vulnerability could have led to leaking saved payment card details | Mozilla | Firefox | - | - | 2025-05-27 12:29:26 | Deep Dive |
| CVE-2025-5266 | Script element events leaked cross-origin resource status | Mozilla | Firefox | - | - | 2025-05-27 12:29:25 | Deep Dive |
| CVE-2025-5265 | Potential local code execution in “Copy as cURL” command | Mozilla | Firefox | - | - | 2025-05-27 12:29:24 | Deep Dive |
| CVE-2025-5264 | Potential local code execution in “Copy as cURL” command | Mozilla | Firefox | - | - | 2025-05-27 12:29:24 | Deep Dive |
| CVE-2025-5263 | Error handling for script execution was incorrectly isolated from web content | Mozilla | Firefox | - | - | 2025-05-27 12:29:23 | Deep Dive |
| CVE-2025-5020 | Links using non-HTTP schemes opened from other apps such as Safari could have allowed spoofing of website addresses | Mozilla | Firefox for iOS | - | - | 2025-05-21 17:18:09 | Deep Dive |
| CVE-2025-4919 | Out-of-bounds access when optimizing linear sums | Mozilla | Firefox | - | - | 2025-05-17 21:07:28 | Deep Dive |
| CVE-2025-4918 | Out-of-bounds access when resolving Promise objects | Mozilla | Firefox | - | - | 2025-05-17 21:07:27 | Deep Dive |
| CVE-2025-4093 | Memory safety bug fixed in Firefox ESR 128.10 and Thunderbird 128.10 | Mozilla | Firefox | 高危 | - | 2025-04-29 13:13:51 | Deep Dive |
| CVE-2025-4092 | Memory safety bugs fixed in Firefox 138 and Thunderbird 138 | Mozilla | Firefox | 高危 | - | 2025-04-29 13:13:49 | Deep Dive |
| CVE-2025-4091 | Memory safety bugs fixed in Firefox 138, Thunderbird 138, Firefox ESR 128.10, and Thunderbird 128.10 | Mozilla | Firefox | 高危 | - | 2025-04-29 13:13:48 | Deep Dive |
| CVE-2025-4090 | Leaked library paths in Thunderbird for Android | Mozilla | Firefox | 低危 | - | 2025-04-29 13:13:47 | Deep Dive |
| CVE-2025-4089 | Potential local code execution in "copy as cURL" command | Mozilla | Firefox | 中危 | - | 2025-04-29 13:13:45 | Deep Dive |
| CVE-2025-4088 | Cross-site request forgery via storage access API redirects | Mozilla | Firefox | 中危 | - | 2025-04-29 13:13:44 | Deep Dive |
| CVE-2025-4087 | Unsafe attribute access during XPath parsing | Mozilla | Firefox | 高危 | - | 2025-04-29 13:13:42 | Deep Dive |
| CVE-2025-4086 | Specially crafted filename could be used to obscure download type | Mozilla | Firefox | 中危 | - | 2025-04-29 13:13:41 | Deep Dive |
| CVE-2025-4085 | Potential information leakage and privilege escalation in UITour actor | Mozilla | Firefox | 中危 | - | 2025-04-29 13:13:39 | Deep Dive |
| CVE-2025-4084 | Potential local code execution in "copy as cURL" command | Mozilla | Firefox | 中危 | - | 2025-04-29 13:13:38 | Deep Dive |