Description
Memory safety bugs present in Firefox 139 and Thunderbird 139. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 140 and Thunderbird 140.
Published: 2025-06-24
Score: 8.1 High
EPSS: < 1% Very Low
KEV: No
Impact: Remote Code Execution
Action: Immediate Patch
AI Analysis

Impact

These memory safety bugs were found in Firefox 139 and Thunderbird 139. They involve unsafe memory handling that could lead to corruption. If successfully exploited, they may allow an attacker to gain control of the application, leading to arbitrary code execution. The weakness is classified as CWE‑119, which indicates out‑of‑bounds read or write vulnerabilities.

Affected Systems

The bugs affect Mozilla Firefox version 139 and Mozilla Thunderbird version 139. Any installation of these versions, regardless of platform, is vulnerable. The issue was addressed in Firefox 140 and Thunderbird 140, so users of newer releases are not impacted.

Risk and Exploitability

The CVSS score of 8.1 denotes high severity. The EPSS score is below 1%, suggesting that the likelihood of exploitation is low but not zero. The vulnerability is not listed in CISA’s KEV catalog, implying no known widespread exploitation at present. The attack vector would typically involve delivering malicious web content or email that triggers the vulnerable memory handling, but attackers would need significant effort to create a working exploit.

Generated by OpenCVE AI on April 20, 2026 at 16:56 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Mozilla Firefox to version 140 or later to eliminate the memory safety bugs.
  • Upgrade Mozilla Thunderbird to version 140 or later to eliminate the memory safety bugs.
  • Enable automatic updates for Mozilla applications and regularly monitor security advisories to ensure timely application of future patches.

Generated by OpenCVE AI on April 20, 2026 at 16:56 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
EUVD EUVD EUVD-2025-19098 Memory safety bugs present in Firefox 139 and Thunderbird 139. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 140 and Thunderbird < 140.
Ubuntu USN Ubuntu USN USN-7991-1 Thunderbird vulnerabilities
History

Mon, 13 Apr 2026 15:00:00 +0000

Type Values Removed Values Added
Description Memory safety bugs present in Firefox 139 and Thunderbird 139. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 140 and Thunderbird < 140. Memory safety bugs present in Firefox 139 and Thunderbird 139. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 140 and Thunderbird 140.

Thu, 13 Nov 2025 17:30:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:mozilla:firefox:*:*:*:*:-:*:*:* cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*

Thu, 30 Oct 2025 16:30:00 +0000

Type Values Removed Values Added
Title firefox: Memory safety bugs fixed in Firefox 140 and Thunderbird 140 Memory safety bugs fixed in Firefox 140 and Thunderbird 140

Sat, 04 Oct 2025 00:00:00 +0000

Type Values Removed Values Added
References

Wed, 16 Jul 2025 13:45:00 +0000

Type Values Removed Values Added
Metrics epss

{'score': 0.00056}

 epss

{'score': 0.00077}

Tue, 15 Jul 2025 13:45:00 +0000

Type Values Removed Values Added
Metrics epss

{'score': 0.00059}

 epss

{'score': 0.00056}

Mon, 14 Jul 2025 18:45:00 +0000

Type Values Removed Values Added
Description Memory safety bugs present in Firefox 139 and Thunderbird 139. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 140. Memory safety bugs present in Firefox 139 and Thunderbird 139. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 140 and Thunderbird < 140.
References

Thu, 03 Jul 2025 16:30:00 +0000

Type Values Removed Values Added
First Time appeared Mozilla
Mozilla firefox
CPEs cpe:2.3:a:mozilla:firefox:*:*:*:*:-:*:*:*
Vendors & Products Mozilla
Mozilla firefox

Thu, 26 Jun 2025 14:15:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H'}

 cvssV3_1

{'score': 8.1, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H'}

Thu, 26 Jun 2025 00:30:00 +0000

Type Values Removed Values Added
Title firefox: Memory safety bugs fixed in Firefox 140 and Thunderbird 140
References
Metrics threat_severity

None

 threat_severity

Important

Wed, 25 Jun 2025 14:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-119
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

 ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Tue, 24 Jun 2025 19:15:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 24 Jun 2025 12:45:00 +0000

Type Values Removed Values Added
Description Memory safety bugs present in Firefox 139 and Thunderbird 139. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 140.
References

Subscriptions

Mozilla Firefox Thunderbird
cve-icon MITRE

Status: PUBLISHED

Assigner: mozilla

Published:

Updated: 2026-04-13T14:31:14.873Z

Reserved: 2025-06-20T14:51:44.671Z

Link: CVE-2025-6436

cve-icon Vulnrichment

Updated: 2025-06-24T17:40:16.016Z

cve-icon NVD

Status : Modified

Published: 2025-06-24T13:15:24.677

Modified: 2026-04-13T15:17:08.313

Link: CVE-2025-6436

cve-icon Redhat

Severity : Important

Publid Date: 2025-06-24T12:28:04Z

Links: CVE-2025-6436 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-04-20T17:00:12Z

Weaknesses