CVE-2025-5268 - Vulnerability Details

- Memory safety bugs fixed in Firefox 139, Thunderbird 139, Firefox ESR 128.11, and Thunderbird 128.11

Description

Memory safety bugs present in Firefox 138, Thunderbird 138, Firefox ESR 128.10, and Thunderbird 128.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 139, Firefox ESR 128.11, Thunderbird 139, and Thunderbird 128.11.

Published: 2025-05-27

Score: 8.1 High

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Impact

The vulnerability is a memory safety issue that can lead to memory corruption in Mozilla's Firefox and Thunderbird applications, specifically in versions 138 and 128.10. The bugs could, with sufficient effort, allow an attacker to execute arbitrary code, compromising the confidentiality, integrity, and availability of the affected system.

Affected Systems

Mozilla Firefox and Thunderbird users running the vulnerable releases—Firefox 138, Thunderbird 138, Firefox ESR 128.10, and Thunderbird 128.10—are impacted. The issue has been addressed in Firefox 139, Thunderbird 139, Firefox ESR 128.11, and Thunderbird 128.11. Systems using these products should verify their installed version to ensure they are on the fixed releases.

Risk and Exploitability

The vulnerability carries a CVSS score of 8.1, indicating high severity. The EPSS score is below 1%, suggesting low but non-zero likelihood of exploitation at this time, and the vulnerability is not listed as a known exploited vulnerability in CISA's KEV catalog. The attack path likely involves memory corruption triggered by user-supplied input, potentially allowing a malicious webpage or email attachment to achieve remote code execution if the exploit is successful.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Mozilla

Firefox

affected

Version	Status	Constraints
`128.11`	unaffected	≤ 128.*
`139`	unaffected	≤ *

Mozilla

Thunderbird

affected

Version	Status	Constraints
`128.11`	unaffected	≤ 128.*
`139`	unaffected	≤ *

Configuration 1 [-]

OR	cpe:2.3:a:mozilla:firefox:::::esr:::*
	cpe:2.3:a:mozilla:firefox:::::-:::*
	cpe:2.3:a:mozilla:thunderbird::::::::
	cpe:2.3:a:mozilla:thunderbird::::::::

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 10
firefox-0:128.11.0-1.el10_0	cpe:/o:redhat:enterprise_linux:10.0	RHSA-2025:8341	2025-06-02T00:00:00Z
thunderbird-0:128.11.0-1.el10_0	cpe:/o:redhat:enterprise_linux:10.0	RHSA-2025:8608	2025-06-05T00:00:00Z
Red Hat Enterprise Linux 7 Extended Lifecycle Support
firefox-0:128.11.0-1.el7_9	cpe:/o:redhat:rhel_els:7	RHSA-2025:9074	2025-06-16T00:00:00Z
Red Hat Enterprise Linux 8
firefox-0:128.11.0-1.el8_10	cpe:/a:redhat:enterprise_linux:8	RHSA-2025:8308	2025-05-29T00:00:00Z
thunderbird-0:128.11.0-1.el8_10	cpe:/a:redhat:enterprise_linux:8	RHSA-2025:8756	2025-06-10T00:00:00Z
Red Hat Enterprise Linux 8.2 Advanced Update Support
thunderbird-0:128.11.0-1.el8_2	cpe:/a:redhat:rhel_aus:8.2	RHSA-2025:8631	2025-06-09T00:00:00Z
firefox-0:128.11.0-1.el8_2	cpe:/a:redhat:rhel_aus:8.2	RHSA-2025:9075	2025-06-16T00:00:00Z
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
thunderbird-0:128.11.0-1.el8_4	cpe:/a:redhat:rhel_aus:8.4	RHSA-2025:8630	2025-06-09T00:00:00Z
firefox-0:128.11.0-1.el8_4	cpe:/a:redhat:rhel_aus:8.4	RHSA-2025:9076	2025-06-16T00:00:00Z
Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support
thunderbird-0:128.11.0-1.el8_6	cpe:/a:redhat:rhel_aus:8.6	RHSA-2025:8629	2025-06-09T00:00:00Z
firefox-0:128.11.0-1.el8_6	cpe:/a:redhat:rhel_aus:8.6	RHSA-2025:9155	2025-06-17T00:00:00Z
Red Hat Enterprise Linux 8.6 Telecommunications Update Service
thunderbird-0:128.11.0-1.el8_6	cpe:/a:redhat:rhel_tus:8.6	RHSA-2025:8629	2025-06-09T00:00:00Z
firefox-0:128.11.0-1.el8_6	cpe:/a:redhat:rhel_tus:8.6	RHSA-2025:9155	2025-06-17T00:00:00Z
Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions
thunderbird-0:128.11.0-1.el8_6	cpe:/a:redhat:rhel_e4s:8.6	RHSA-2025:8629	2025-06-09T00:00:00Z
firefox-0:128.11.0-1.el8_6	cpe:/a:redhat:rhel_e4s:8.6	RHSA-2025:9155	2025-06-17T00:00:00Z
Red Hat Enterprise Linux 8.8 Telecommunications Update Service
thunderbird-0:128.11.0-1.el8_8	cpe:/a:redhat:rhel_tus:8.8	RHSA-2025:8628	2025-06-09T00:00:00Z
Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions
thunderbird-0:128.11.0-1.el8_8	cpe:/a:redhat:rhel_e4s:8.8	RHSA-2025:8628	2025-06-09T00:00:00Z
firefox-0:128.11.0-1.el8_8	cpe:/a:redhat:rhel_e4s:8.8	RHSA-2025:9077	2025-06-16T00:00:00Z
Red Hat Enterprise Linux 9
firefox-0:128.11.0-1.el9_6	cpe:/a:redhat:enterprise_linux:9	RHSA-2025:8293	2025-05-29T00:00:00Z
thunderbird-0:128.11.0-1.el9_6	cpe:/a:redhat:enterprise_linux:9	RHSA-2025:8607	2025-06-05T00:00:00Z
Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions
thunderbird-0:128.11.0-1.el9_0	cpe:/a:redhat:rhel_e4s:9.0	RHSA-2025:8598	2025-06-05T00:00:00Z
firefox-0:128.11.0-1.el9_0	cpe:/a:redhat:rhel_e4s:9.0	RHSA-2025:9073	2025-06-16T00:00:00Z
Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions
thunderbird-0:128.11.0-1.el9_2	cpe:/a:redhat:rhel_e4s:9.2	RHSA-2025:8642	2025-06-09T00:00:00Z
firefox-0:128.11.0-1.el9_2	cpe:/a:redhat:rhel_e4s:9.2	RHSA-2025:9071	2025-06-16T00:00:00Z
Red Hat Enterprise Linux 9.4 Extended Update Support
thunderbird-0:128.11.0-1.el9_4	cpe:/a:redhat:rhel_eus:9.4	RHSA-2025:8599	2025-06-05T00:00:00Z
firefox-0:128.11.0-1.el9_4	cpe:/a:redhat:rhel_eus:9.4	RHSA-2025:9072	2025-06-16T00:00:00Z

No data available yet.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Update Firefox to version 139 or later, Thunderbird to version 139 or later, and the ESR releases to 128.11 or later.
If your environment uses Red Hat Enterprise Linux or Debian, ensure that the latest security updates from the official repositories include the updated browser releases and apply them promptly.
Until the update can be deployed, consider disabling or uninstalling add-ons that rely on legacy code paths to reduce the attack surface for potential exploitation.

Generated by OpenCVE AI on April 20, 2026 at 17:05 UTC.

Tracking

Sign in to view the affected projects.

Advisories

Source	ID	Title
Debian DLA	DLA-4191-1	firefox-esr security update
Debian DLA	DLA-4194-1	thunderbird security update
Debian DSA	DSA-5926-1	firefox-esr security update
Debian DSA	DSA-5932-1	thunderbird security update
EUVD	EUVD-2025-16340	Memory safety bugs present in Firefox 138, Thunderbird 138, Firefox ESR 128.10, and Thunderbird 128.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 139, Firefox ESR < 128.11, Thunderbird < 139, and Thunderbird < 128.11.
Ubuntu USN	USN-7663-1	Thunderbird vulnerabilities

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00436.

Exploitation none

Automatable no

Technical Impact total

References

Link	Providers
https://bugzilla.mozilla.org/buglist.cgi?bug_id=1950136%2C1958121%2C1960499%2C1962634
https://lists.debian.org/debian-lts-announce/2025/05/msg00043.html
https://lists.debian.org/debian-lts-announce/2025/05/msg00046.html
https://nvd.nist.gov/vuln/detail/CVE-2025-5268
https://www.cve.org/CVERecord?id=CVE-2025-5268
https://www.mozilla.org/en-US/security/advisories/mfsa2025-44/#CVE-2025-5268
https://www.mozilla.org/en-US/security/advisories/mfsa2025-46/#CVE-2025-5268
https://www.mozilla.org/security/advisories/mfsa2025-42/
https://www.mozilla.org/security/advisories/mfsa2025-44/
https://www.mozilla.org/security/advisories/mfsa2025-45/
https://www.mozilla.org/security/advisories/mfsa2025-46/

History

Mon, 13 Apr 2026 15:00:00 +0000

Type	Values Removed	Values Added
Description	Memory safety bugs present in Firefox 138, Thunderbird 138, Firefox ESR 128.10, and Thunderbird 128.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 139, Firefox ESR < 128.11, Thunderbird < 139, and Thunderbird < 128.11.	Memory safety bugs present in Firefox 138, Thunderbird 138, Firefox ESR 128.10, and Thunderbird 128.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 139, Firefox ESR 128.11, Thunderbird 139, and Thunderbird 128.11.

Mon, 03 Nov 2025 20:30:00 +0000

Type	Values Removed	Values Added
References		https://lists.debian.org/debian-lts-announce/2025/05/msg00043.html https://lists.debian.org/debian-lts-announce/2025/05/msg00046.html

Thu, 30 Oct 2025 16:30:00 +0000

Type	Values Removed	Values Added
Title	firefox: thunderbird: Memory safety bugs	Memory safety bugs fixed in Firefox 139, Thunderbird 139, Firefox ESR 128.11, and Thunderbird 128.11

Tue, 23 Sep 2025 15:30:00 +0000

Type	Values Removed	Values Added
Weaknesses	CWE-77

Tue, 23 Sep 2025 15:15:00 +0000

Type	Values Removed	Values Added
Metrics	cvssV3_1 `{'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N'}`	cvssV3_1 `{'score': 8.1, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H'}`

Mon, 16 Jun 2025 18:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat rhel Els
CPEs		cpe:/o:redhat:rhel_els:7
Vendors & Products		Redhat rhel Els

Wed, 11 Jun 2025 12:15:00 +0000

Type	Values Removed	Values Added
Description	Memory safety bugs present in Firefox 138, Thunderbird 138, Firefox ESR 128.10, and Thunderbird 128.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 139 and Firefox ESR < 128.11.	Memory safety bugs present in Firefox 138, Thunderbird 138, Firefox ESR 128.10, and Thunderbird 128.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 139, Firefox ESR < 128.11, Thunderbird < 139, and Thunderbird < 128.11.
References		https://www.mozilla.org/security/advisories/mfsa2025-45/ https://www.mozilla.org/security/advisories/mfsa2025-46/

Tue, 10 Jun 2025 06:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat rhel Aus Redhat rhel Tus
CPEs		cpe:/a:redhat:rhel_aus:8.2 cpe:/a:redhat:rhel_aus:8.4 cpe:/a:redhat:rhel_aus:8.6 cpe:/a:redhat:rhel_e4s:8.6 cpe:/a:redhat:rhel_e4s:8.8 cpe:/a:redhat:rhel_e4s:9.2 cpe:/a:redhat:rhel_tus:8.6 cpe:/a:redhat:rhel_tus:8.8
Vendors & Products		Redhat rhel Aus Redhat rhel Tus

Fri, 06 Jun 2025 22:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat rhel E4s Redhat rhel Eus
CPEs		cpe:/a:redhat:rhel_e4s:9.0 cpe:/a:redhat:rhel_eus:9.4
Vendors & Products		Redhat rhel E4s Redhat rhel Eus

Tue, 03 Jun 2025 06:45:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:/o:redhat:enterprise_linux:10.0

Fri, 30 May 2025 01:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Mozilla Mozilla firefox Mozilla thunderbird
CPEs		cpe:2.3:a:mozilla:firefox:::::-:::* cpe:2.3:a:mozilla:firefox:::::esr:::* cpe:2.3:a:mozilla:thunderbird::::::::
Vendors & Products		Mozilla Mozilla firefox Mozilla thunderbird

Thu, 29 May 2025 19:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat Redhat enterprise Linux
CPEs		cpe:/a:redhat:enterprise_linux:8 cpe:/a:redhat:enterprise_linux:9
Vendors & Products		Redhat Redhat enterprise Linux

Thu, 29 May 2025 02:45:00 +0000

Type	Values Removed	Values Added
Title		firefox: thunderbird: Memory safety bugs
Weaknesses		CWE-119
References		https://nvd.nist.gov/vuln/detail/CVE-2025-5268 https://www.cve.org/CVERecord?id=CVE-2025-5268 https://www.mozilla.org/en-US/security/advisories/mfsa2025-44/#CVE-2025-5268 https://www.mozilla.org/en-US/security/advisories/mfsa2025-46/#CVE-2025-5268
Metrics	threat_severity `None`	threat_severity `Moderate`

Tue, 27 May 2025 18:15:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-77
Metrics		cvssV3_1 `{'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N'}` ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Tue, 27 May 2025 12:45:00 +0000

Type	Values Removed	Values Added
Description		Memory safety bugs present in Firefox 138, Thunderbird 138, Firefox ESR 128.10, and Thunderbird 128.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 139 and Firefox ESR < 128.11.
References		https://bugzilla.mozilla.org/buglist.cgi?bug_id=1950136%2C1958121%2C1960499%2C1962634 https://www.mozilla.org/security/advisories/mfsa2025-42/ https://www.mozilla.org/security/advisories/mfsa2025-44/

Subscriptions

Mozilla Firefox Thunderbird

Redhat Enterprise Linux Rhel Aus Rhel E4s Rhel Els Rhel Eus Rhel Tus

MITRE

Status: PUBLISHED

Assigner: mozilla

Published: 2025-05-27T12:29:26.941Z

Updated: 2026-04-13T14:29:13.932Z

Reserved: 2025-05-27T12:29:26.556Z

Link: CVE-2025-5268

Vulnrichment

Updated: 2025-11-03T20:06:09.907Z

NVD

Status : Modified

Published: 2025-05-27T13:15:22.610

Modified: 2026-04-13T15:17:04.673

Link: CVE-2025-5268

Redhat

Severity : Moderate

Publid Date: 2025-05-27T12:29:26Z

Links: CVE-2025-5268 - Bugzilla

OpenCVE Enrichment

Updated: 2026-04-20T17:15:12Z

Weaknesses

CWE-119

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact total

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object