PT-2025-30489 · Mozilla+4 · Thunderbird+7

Published

2025-07-22

Updated

2026-02-02

CVE-2025-8040

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 141 Firefox ESR versions prior to 140.1 Thunderbird versions prior to 141 Thunderbird ESR versions prior to 140.1

Description The software contains memory safety bugs, some of which exhibited evidence of memory corruption. It is presumed that, with sufficient effort, these bugs could potentially be exploited to execute arbitrary code.

Recommendations Update Firefox to version 141 or later. Update Firefox ESR to version 140.1 or later. Update Thunderbird to version 141 or later. Update Thunderbird ESR to version 140.1 or later.

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

ALT-PU-2025-10124

ALT-PU-2025-11495

ALT-PU-2025-11497

ALT-PU-2025-9988

BDU:2025-09462

CVE-2025-8040

OESA-2025-2340

OESA-2025-2341

OESA-2025-2359

OESA-2025-2360

OESA-2025-2361

OPENSUSE-SU-2025:15371-1

OPENSUSE-SU-2025:15383-1

OPENSUSE-SU-2025:15386-1

SUSE-SU-2025:02529-1

SUSE-SU-2025:02531-1

SUSE-SU-2025:02546-1

SUSE-SU-2025_02529-1

SUSE-SU-2025_02531-1

USN-7991-1

Affected Products

Alt Linux

Firefox

Firefox Esr

Linuxmint

Suse

Thunderbird

Thunderbird Esr

Ubuntu

PT-2025-30489 · Mozilla+4 · Thunderbird+7

CVE-2025-8040

Weakness Enumeration

Related Identifiers

Affected Products

References · 205