PT-2025-49857 · Mozilla+8 · Firefox Esr+9

Rong Bao

Published

2025-01-01

Updated

2026-02-06

CVE-2025-14330

CVSS v2.0

Critical

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 146 Firefox ESR versions prior to 140.6

Description The JavaScript Engine’s JIT component contains a JIT miscompilation issue.

Recommendations Update Firefox to version 146 or later. Update Firefox ESR to version 140.6 or later.

Fix

Buffer Overflow

Type Confusion

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119CWE-843CWE-686

Related Identifiers

ALSA-2025:23034

ALSA-2025:23035

ALSA-2025:23128

ALSA-2025:23856

ALSA-2026:0025

ALSA-2026:0026

BDU:2025-16359

CVE-2025-14330

DLA-4401-1

DLA-4405-1

DSA-6078-1

DSA-6081-1

MGASA-2025-0328

MGASA-2025-0329

OESA-2026-1085

OESA-2026-1086

OESA-2026-1088

OESA-2026-1089

OESA-2026-1090

OESA-2026-1264

OESA-2026-1285

OPENSUSE-SU-2025:15809-1

OPENSUSE-SU-2025:15813-1

OPENSUSE-SU-2025:15814-1

OPENSUSE-SU-2026:20014-1

OPENSUSE-SU-2026:20046-1

RHSA-2026:0003

RHSA-2026:0004

RHSA-2026:0005

RHSA-2026:0006

RHSA-2026:0007

RHSA-2026:0013

RHSA-2026:0014

RHSA-2026:0015

RHSA-2026:0016

RHSA-2026:0017

RHSA-2026:0018

RHSA-2026:0019

RHSA-2026:0020

RHSA-2026:0021

RHSA-2026:0022

RHSA-2026:0023

RHSA-2026:0024

RHSA-2026:0025

RHSA-2026:0026

RHSA-2026:0124

RHSA-2026:0127

SUSE-SU-2025:4396-1

SUSE-SU-2025:4397-1

SUSE-SU-2025:4424-1

SUSE-SU-2026:20031-1

USN-7991-1

Affected Products

Alt Linux

Almalinux

Centos

Debian

Firefox

Firefox Esr

Linuxmint

Red Hat

Rocky Linux

Ubuntu

PT-2025-49857 · Mozilla+8 · Firefox Esr+9

CVE-2025-14330

Weakness Enumeration

Related Identifiers

Affected Products

References · 266