| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-4083 | Process isolation bypass using "javascript:" URI links in cross-origin frames | Mozilla | Firefox | 高危 | - | 2025-04-29 13:13:37 | Deep Dive |
| CVE-2025-4082 | WebGL shader attribute memory corruption in Thunderbird for macOS | Mozilla | Firefox | 高危 | - | 2025-04-29 13:13:35 | Deep Dive |
| CVE-2025-2817 | Privilege escalation in Thunderbird Updater | Mozilla | Firefox | 高危 | - | 2025-04-29 13:13:34 | Deep Dive |
| CVE-2025-3608 | Race condition in nsHttpTransaction could lead to memory corruption | Mozilla | Firefox | - | - | 2025-04-15 12:57:29 | Deep Dive |
| CVE-2025-3035 | Tab title disclosure across pages when using AI chatbot | Mozilla | Firefox | - | - | 2025-04-01 12:29:07 | Deep Dive |
| CVE-2025-3034 | Memory safety bugs fixed in Firefox 137 and Thunderbird 137 | Mozilla | Firefox | 高危 | - | 2025-04-01 12:29:06 | Deep Dive |
| CVE-2025-3033 | Opening local .url files could lead to another file being opened | Mozilla | Firefox | 高危 | - | 2025-04-01 12:29:04 | Deep Dive |
| CVE-2025-3032 | Leaking file descriptors from the fork server | Mozilla | Firefox | 高危 | - | 2025-04-01 12:29:03 | Deep Dive |
| CVE-2025-3031 | JIT optimization bug with different stack slot sizes | Mozilla | Firefox | 中危 | - | 2025-04-01 12:29:02 | Deep Dive |
| CVE-2025-3030 | Memory safety bugs fixed in Firefox 137, Thunderbird 137, Firefox ESR 128.9, and Thunderbird 128.9 | Mozilla | Firefox | 高危 | - | 2025-04-01 12:29:01 | Deep Dive |
| CVE-2025-3029 | URL Bar Spoofing via non-BMP Unicode characters | Mozilla | Firefox | 中危 | - | 2025-04-01 12:28:59 | Deep Dive |
| CVE-2025-3028 | Use-after-free triggered by XSLTProcessor | Mozilla | Firefox | 高危 | - | 2025-04-01 12:28:58 | Deep Dive |
| CVE-2025-2857 | Incorrect handle could lead to sandbox escapes | Mozilla | Firefox | - | - | 2025-03-27 13:27:57 | Deep Dive |
| CVE-2025-27425 | QR code user confirmation bypass with invalid protocol | Mozilla | Firefox for iOS | 中危 | - | 2025-03-04 13:31:29 | Deep Dive |
| CVE-2025-1943 | Memory safety bugs fixed in Firefox 136 and Thunderbird 136 | Mozilla | Firefox | 高危 | - | 2025-03-04 13:31:28 | Deep Dive |
| CVE-2025-27424 | Firefox Mobile iOS Address Bar Spoof Using Server-Side Redirect to non-http Scheme | Mozilla | Firefox for iOS | 中危 | - | 2025-03-04 13:31:28 | Deep Dive |
| CVE-2025-27426 | Firefox Mobile iOS Full Address Bar Spoof Using Server-Side Redirect to internal error page | Mozilla | Firefox for iOS | 中危 | - | 2025-03-04 13:31:28 | Deep Dive |
| CVE-2025-1938 | Memory safety bugs fixed in Firefox 136, Thunderbird 136, Firefox ESR 128.8, and Thunderbird 128.8 | Mozilla | Firefox | 中危 | - | 2025-03-04 13:31:27 | Deep Dive |
| CVE-2025-1937 | Memory safety bugs fixed in Firefox 136, Thunderbird 136, Firefox ESR 115.21, Firefox ESR 128.8, and Thunderbird 128.8 | Mozilla | Firefox | 高危 | - | 2025-03-04 13:31:27 | Deep Dive |
| CVE-2025-1936 | Adding %00 and a fake extension to a jar: URL changed the interpretation of the contents | Mozilla | Firefox | 中危 | - | 2025-03-04 13:31:26 | Deep Dive |