Description
Memory safety bugs present in Firefox 135 and Thunderbird 135. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 136 and Thunderbird 136.
Published: 2025-03-04
Score: 8.2 High
EPSS: < 1% Very Low
KEV: No
Impact: Arbitrary code execution through memory corruption
Action: Immediate Patch
AI Analysis

Impact

Memory safety bugs in Firefox 135 and Thunderbird 135, including buffer copy without bounding checks (CWE-120) and buffer overflows (CWE-122), caused memory corruption and could, with enough effort, allow an attacker to execute arbitrary code. The vulnerable code could corrupt internal data structures leading to execution of injected instructions.

Affected Systems

The affected products are Mozilla Firefox and Mozilla Thunderbird, specifically the 135 releases. Versions 136 and later contain the fixes that eliminate the exploitable bugs.

Risk and Exploitability

The CVSS score of 8.2 classifies this vulnerability as high risk. The EPSS score of less than 1% indicates a low current probability of exploitation, but the vulnerability is not listed in the CISA KEV catalog. Based on the description, the likely attack vector is inferred to be remote, potentially via malicious web or email content that the affected browsers process. The exploitation would grant the attacker arbitrary code execution and compromise the confidentiality, integrity, and availability of the victim’s system.

Generated by OpenCVE AI on April 20, 2026 at 18:20 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade to Firefox 136 or later to receive the security fix.
  • Upgrade to Thunderbird 136 or later to receive the security fix.
  • Restart the applications after upgrading to ensure the new code is loaded.

Generated by OpenCVE AI on April 20, 2026 at 18:20 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
EUVD EUVD EUVD-2025-6083 Memory safety bugs present in Firefox 135 and Thunderbird 135. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 136 and Thunderbird < 136.
Ubuntu USN Ubuntu USN USN-7991-1 Thunderbird vulnerabilities
History

Mon, 13 Apr 2026 15:00:00 +0000

Type Values Removed Values Added
Description Memory safety bugs present in Firefox 135 and Thunderbird 135. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 136 and Thunderbird < 136. Memory safety bugs present in Firefox 135 and Thunderbird 135. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 136 and Thunderbird 136.
Title firefox: thunderbird: Memory safety bugs fixed in Firefox 136 and Thunderbird 136 Memory safety bugs fixed in Firefox 136 and Thunderbird 136

Thu, 26 Feb 2026 23:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

 ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Thu, 03 Apr 2025 14:00:00 +0000

Type Values Removed Values Added
First Time appeared Mozilla
Mozilla firefox
Mozilla thunderbird
CPEs cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
Vendors & Products Mozilla
Mozilla firefox
Mozilla thunderbird

Wed, 05 Mar 2025 03:00:00 +0000

Type Values Removed Values Added
Title firefox: thunderbird: Memory safety bugs fixed in Firefox 136 and Thunderbird 136
Weaknesses CWE-120
References
Metrics threat_severity

None

 threat_severity

Important

Wed, 05 Mar 2025 00:00:00 +0000

Type Values Removed Values Added
Description Memory safety bugs present in Firefox 135 and Thunderbird 135. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 136. Memory safety bugs present in Firefox 135 and Thunderbird 135. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 136 and Thunderbird < 136.
References

Tue, 04 Mar 2025 15:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-122
Metrics cvssV3_1

{'score': 8.2, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 04 Mar 2025 13:45:00 +0000

Type Values Removed Values Added
Description Memory safety bugs present in Firefox 135 and Thunderbird 135. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 136.
References

Subscriptions

Mozilla Firefox Thunderbird
cve-icon MITRE

Status: PUBLISHED

Assigner: mozilla

Published:

Updated: 2026-04-13T14:30:29.965Z

Reserved: 2025-03-04T12:29:53.878Z

Link: CVE-2025-1943

cve-icon Vulnrichment

Updated: 2025-03-04T14:09:54.735Z

cve-icon NVD

Status : Modified

Published: 2025-03-04T14:15:39.260

Modified: 2026-04-13T15:16:54.107

Link: CVE-2025-1943

cve-icon Redhat

Severity : Important

Publid Date: 2025-03-04T13:31:27Z

Links: CVE-2025-1943 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-04-20T18:30:13Z

Weaknesses