Description
Memory safety bugs present in Firefox 137 and Thunderbird 137. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 138 and Thunderbird 138.
Published: 2025-04-29
Score: 6.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Remote Code Execution
Action: Patch Now
AI Analysis

Impact

Memory safety bugs were identified in Firefox 137 and Thunderbird 137 that enable memory corruption, and it is presumed that with sufficient effort an attacker could execute arbitrary code. The flaws involve stack and heap buffer overflows (CWE‑119 and CWE‑120). A successful exploitation would give an attacker the ability to run code with the same privileges as the user, potentially leading to full system compromise.

Affected Systems

Mozilla Firefox version 137 and Mozilla Thunderbird version 137 are affected. Updates through Firefox 138 and Thunderbird 138 contain the necessary fixes.

Risk and Exploitability

The vulnerability carries a CVSS score of 6.5, reflecting moderate severity. The EPSS score is below 1%, indicating a low likelihood of exploitation under current conditions. It is not listed in CISA’s KEV catalog. While the exact attack vector is not explicitly documented, based on the nature of memory corruption in browsers it is inferred that exploitation could be achieved through a malicious web page, HTML content, or email attachment containing crafted data. The impact would be equivalent to remote code execution if the exploit succeeds.

Generated by OpenCVE AI on April 20, 2026 at 17:11 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade to Firefox and Thunderbird version 138 or later, ensuring that the patch is fully applied
  • Configure the operating system to run application processes with the least privilege necessary
  • Monitor for anomalous crashes or memory usage patterns that may indicate an attempted exploitation

Generated by OpenCVE AI on April 20, 2026 at 17:11 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
EUVD EUVD EUVD-2025-12653 Memory safety bugs present in Firefox 137 and Thunderbird 137. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 138 and Thunderbird < 138.
Ubuntu USN Ubuntu USN USN-7991-1 Thunderbird vulnerabilities
History

Mon, 13 Apr 2026 15:00:00 +0000

Type Values Removed Values Added
Description Memory safety bugs present in Firefox 137 and Thunderbird 137. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 138 and Thunderbird < 138. Memory safety bugs present in Firefox 137 and Thunderbird 137. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 138 and Thunderbird 138.
Title firefox: thunderbird: Memory safety bugs fixed in Firefox 138 and Thunderbird 138 Memory safety bugs fixed in Firefox 138 and Thunderbird 138

Fri, 09 May 2025 20:00:00 +0000

Type Values Removed Values Added
First Time appeared Mozilla
Mozilla firefox
Mozilla thunderbird
CPEs cpe:2.3:a:mozilla:firefox:*:*:*:*:-:*:*:*
cpe:2.3:a:mozilla:thunderbird:*:*:*:*:-:*:*:*
Vendors & Products Mozilla
Mozilla firefox
Mozilla thunderbird

Thu, 01 May 2025 02:45:00 +0000

Type Values Removed Values Added
Title firefox: thunderbird: Memory safety bugs fixed in Firefox 138 and Thunderbird 138
Weaknesses CWE-120
References
Metrics threat_severity

None

 threat_severity

Important

Tue, 29 Apr 2025 16:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-119
Metrics cvssV3_1

{'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Tue, 29 Apr 2025 13:30:00 +0000

Type Values Removed Values Added
Description Memory safety bugs present in Firefox 137 and Thunderbird 137. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 138 and Thunderbird < 138.
References

Subscriptions

Mozilla Firefox Thunderbird
cve-icon MITRE

Status: PUBLISHED

Assigner: mozilla

Published:

Updated: 2026-04-13T14:28:52.122Z

Reserved: 2025-04-29T13:13:48.785Z

Link: CVE-2025-4092

cve-icon Vulnrichment

Updated: 2025-04-29T15:36:07.217Z

cve-icon NVD

Status : Modified

Published: 2025-04-29T14:15:35.820

Modified: 2026-04-13T15:17:01.073

Link: CVE-2025-4092

cve-icon Redhat

Severity : Important

Publid Date: 2025-04-29T13:13:49Z

Links: CVE-2025-4092 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-04-20T17:15:12Z

Weaknesses