CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-11719

Starting in Thunderbird 143, the use of the native messaging API by web extensions on Windows could lead to crashes caused by use-after-free memory corruption. This vulnerability affects Firefox < 144 and Thunderbird < 144.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 17.6%

CVSS Severity

CVSS v3 Score 9.8

References

https://bugzilla.mozilla.org/show_bug.cgi?id=1991950
https://www.mozilla.org/security/advisories/mfsa2025-81/
https://www.mozilla.org/security/advisories/mfsa2025-84/

Products affected by CVE-2025-11719

Mozilla » Firefox » Version: 143.0

cpe:2.3:a:mozilla:firefox:143.0
Mozilla » Thunderbird » Version: 143.0

cpe:2.3:a:mozilla:thunderbird:143.0
Microsoft » Windows » Version: N/A

cpe:2.3:o:microsoft:windows:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-11719

Products

Pricing

Contact Us