Shodan
Vulnerabilities
Vulnerable Software
Mozilla:  >> Firefox  >> 140.4.0  Security Vulnerabilities
CVE-2025-13018
Mitigation bypass in the DOM: Security component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Thunderbird < 145, and Thunderbird < 140.5.
CVSS Score
8.1
EPSS Score
0.0
Published
2025-11-11
CVE-2025-11717
When switching between Android apps using the card carousel Firefox shows a black screen as its card image when a password-related screen was the last one being used. Prior to Firefox 144 the password edit screen was visible. This vulnerability affects Firefox < 144.
CVSS Score
9.1
EPSS Score
0.0
Published
2025-10-14
CVE-2025-11718
When the address bar was hidden due to scrolling on Android, a malicious page could create a fake address bar to fool the user in response to a visibilitychange event This vulnerability affects Firefox < 144.
CVSS Score
6.5
EPSS Score
0.0
Published
2025-10-14
CVE-2025-11720
The Firefox and Firefox Focus UI for the Android custom tab feature only showed the "site" that was loaded, not the full hostname. User supplied content hosted on a subdomain of a site could have been used to fool a user into thinking it was content from a different subdomain of that site. This vulnerability affects Firefox < 144.
CVSS Score
8.1
EPSS Score
0.001
Published
2025-10-14
CVE-2025-11716
Links in a sandboxed iframe could open an external app on Android without the required "allow-" permission. This vulnerability affects Firefox < 144 and Thunderbird < 144.
CVSS Score
6.5
EPSS Score
0.0
Published
2025-10-14
CVE-2025-11152
Sandbox escape due to integer overflow in the Graphics: Canvas2D component. This vulnerability affects Firefox < 143.0.3.
CVSS Score
8.6
EPSS Score
0.001
Published
2025-09-30
CVE-2025-11153
JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 143.0.3.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-09-30
CVE-2025-10534
Spoofing issue in the Site Permissions component. This vulnerability affects Firefox < 143 and Thunderbird < 143.
CVSS Score
8.1
EPSS Score
0.001
Published
2025-09-16
CVE-2025-10535
Information disclosure, mitigation bypass in the Privacy component in Firefox for Android. This vulnerability affects Firefox < 143.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-09-16
CVE-2025-10530
Spoofing issue in the WebAuthn component in Firefox for Android. This vulnerability affects Firefox < 143 and Thunderbird < 143.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-09-16


Products
Pricing
Contact Us

Shodan ® - All rights reserved