PT-2025-49851 · Mozilla+9 · Firefox Esr+10

Lingming Zhang

Published

2025-01-01

Updated

2026-02-06

CVE-2025-14324

CVSS v2.0

Critical

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 146 Firefox ESR versions prior to 115.31 Firefox ESR versions prior to 140.6

Description The JavaScript Engine contains a JIT miscompilation issue within its JIT component. This can lead to potential problems during code execution.

Recommendations Update Firefox to version 146 or later. Update Firefox ESR to version 115.31 or later. Update Firefox ESR to version 140.6 or later.

Fix

Code Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-94

Related Identifiers

ALSA-2025:23034

ALSA-2025:23035

ALSA-2025:23128

ALSA-2025:23856

ALSA-2026:0025

ALSA-2026:0026

BDU:2025-15640

CVE-2025-14324

DLA-4401-1

DLA-4405-1

DSA-6078-1

DSA-6081-1

MGASA-2025-0328

MGASA-2025-0329

OESA-2026-1085

OESA-2026-1086

OESA-2026-1088

OESA-2026-1089

OESA-2026-1090

OESA-2026-1264

OESA-2026-1285

OPENSUSE-SU-2025:15809-1

OPENSUSE-SU-2025:15813-1

OPENSUSE-SU-2025:15814-1

OPENSUSE-SU-2026:20014-1

OPENSUSE-SU-2026:20046-1

RHSA-2026:0003

RHSA-2026:0004

RHSA-2026:0005

RHSA-2026:0006

RHSA-2026:0007

RHSA-2026:0013

RHSA-2026:0014

RHSA-2026:0015

RHSA-2026:0016

RHSA-2026:0017

RHSA-2026:0018

RHSA-2026:0019

RHSA-2026:0020

RHSA-2026:0021

RHSA-2026:0022

RHSA-2026:0023

RHSA-2026:0024

RHSA-2026:0025

RHSA-2026:0026

RHSA-2026:0124

RHSA-2026:0127

SUSE-SU-2025:4396-1

SUSE-SU-2025:4397-1

SUSE-SU-2025:4424-1

SUSE-SU-2026:20031-1

USN-7991-1

Affected Products

Alt Linux

Almalinux

Centos

Debian

Firefox

Firefox Esr

Linuxmint

Red Hat

Red Os

Rocky Linux

Ubuntu

CVE-2025-14324

Weakness Enumeration

Related Identifiers

Affected Products

References · 267