Description
Same-origin policy bypass in the Layout component. This vulnerability was fixed in Firefox 143, Firefox ESR 140.3, Thunderbird 143, and Thunderbird 140.3.
Published: 2025-09-16
Score: 6.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Same-origin policy bypass
Action: Immediate Patch
AI Analysis

Impact

The vulnerability allows an attacker to bypass the browser's same-origin policy by exploiting a flaw in the Layout component. This flaw is classified as CWE-942 and permits cross-origin data access that would normally be restricted, potentially exposing sensitive information such as cookies, local storage, or other data.

Affected Systems

Vendors affected are Mozilla Firefox and Mozilla Thunderbird. The flaw exists in all Firefox releases prior to version 143 and Firefox ESR 140.3, and in all Thunderbird releases prior to version 143 and Thunderbird ESR 140.3. Users running earlier versions of these products on any supported platform are vulnerable.

Risk and Exploitability

The CVSS score of 6.5 indicates moderate severity, and the EPSS score of less than 1% suggests a low probability of exploitation at present. The issue is not listed in the CISA KEV catalog. Based on the description, the likely attack vector involves a malicious web page or local content that activates the vulnerable Layout component, allowing an attacker to read data from a different origin. No remote code execution or denial‑of‑service impact is described.

Generated by OpenCVE AI on April 20, 2026 at 17:58 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Firefox to version 143 or newer, or to ESR 140.3 or newer; Upgrade Thunderbird to version 143 or newer, or to ESR 140.3 or newer.
  • If an update cannot be applied immediately, disable the Layout component in the affected products until the patch is installed or consider using a content security policy that blocks cross‑origin data access.
  • Continue to monitor for suspicious web content and apply the latest security updates as soon as they become available.

Generated by OpenCVE AI on April 20, 2026 at 17:58 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Debian DLA Debian DLA DLA-4305-1 firefox-esr security update
Debian DLA Debian DLA DLA-4311-1 thunderbird security update
Debian DSA Debian DSA DSA-6003-1 firefox-esr security update
Debian DSA Debian DSA DSA-6011-1 thunderbird security update
EUVD EUVD EUVD-2025-29560 This vulnerability affects Firefox < 143, Firefox ESR < 140.3, Thunderbird < 143, and Thunderbird < 140.3.
Ubuntu USN Ubuntu USN USN-7991-1 Thunderbird vulnerabilities
History

Mon, 13 Apr 2026 15:00:00 +0000

Type Values Removed Values Added
Description Same-origin policy bypass in the Layout component. This vulnerability affects Firefox < 143, Firefox ESR < 140.3, Thunderbird < 143, and Thunderbird < 140.3. Same-origin policy bypass in the Layout component. This vulnerability was fixed in Firefox 143, Firefox ESR 140.3, Thunderbird 143, and Thunderbird 140.3.

Mon, 03 Nov 2025 19:30:00 +0000

Type Values Removed Values Added
References

Thu, 30 Oct 2025 16:15:00 +0000

Type Values Removed Values Added
Description This vulnerability affects Firefox < 143, Firefox ESR < 140.3, Thunderbird < 143, and Thunderbird < 140.3. Same-origin policy bypass in the Layout component. This vulnerability affects Firefox < 143, Firefox ESR < 140.3, Thunderbird < 143, and Thunderbird < 140.3.
Title firefox: thunderbird: Same-origin policy bypass in the Layout component Same-origin policy bypass in the Layout component

Fri, 19 Sep 2025 21:00:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:mozilla:firefox:*:*:*:*:-:*:*:*
cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:*
cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*

Thu, 18 Sep 2025 00:15:00 +0000

Type Values Removed Values Added
Title firefox: thunderbird: Same-origin policy bypass in the Layout component
First Time appeared Redhat
Redhat enterprise Linux
CPEs cpe:/a:redhat:enterprise_linux:9
cpe:/o:redhat:enterprise_linux:10.0
Vendors & Products Redhat
Redhat enterprise Linux
References
Metrics threat_severity

None

 threat_severity

Moderate

Wed, 17 Sep 2025 18:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-942
Metrics cvssV3_1

{'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Wed, 17 Sep 2025 11:00:00 +0000

Type Values Removed Values Added
First Time appeared Mozilla
Mozilla firefox
Mozilla firefox Esr
Mozilla thunderbird
Vendors & Products Mozilla
Mozilla firefox
Mozilla firefox Esr
Mozilla thunderbird

Tue, 16 Sep 2025 15:00:00 +0000

Type Values Removed Values Added
Description This vulnerability affects Firefox < 143 and Firefox ESR < 140.3. This vulnerability affects Firefox < 143, Firefox ESR < 140.3, Thunderbird < 143, and Thunderbird < 140.3.
References

Tue, 16 Sep 2025 12:45:00 +0000

Type Values Removed Values Added
Description This vulnerability affects Firefox < 143 and Firefox ESR < 140.3.
References

Subscriptions

Mozilla Firefox Firefox Esr Thunderbird
Redhat Enterprise Linux
cve-icon MITRE

Status: PUBLISHED

Assigner: mozilla

Published:

Updated: 2026-04-13T14:28:12.191Z

Reserved: 2025-09-16T06:48:38.059Z

Link: CVE-2025-10529

cve-icon Vulnrichment

Updated: 2025-11-03T18:08:31.807Z

cve-icon NVD

Status : Modified

Published: 2025-09-16T13:15:45.550

Modified: 2026-04-13T15:16:36.150

Link: CVE-2025-10529

cve-icon Redhat

Severity : Moderate

Publid Date: 2025-09-16T12:26:35Z

Links: CVE-2025-10529 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-04-20T18:00:11Z

Weaknesses