PT-2025-49860 · Mozilla+6 · Firefox+9

Published

2025-01-01

·

Updated

2026-02-06

·

CVE-2025-14333

CVSS v3.1

8.1

High

VectorAV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Firefox versions prior to 146 Firefox ESR versions prior to 140.6 Thunderbird versions prior to 146 Thunderbird ESR versions prior to 140.6
Description The software contains memory safety bugs that could potentially lead to arbitrary code execution. Evidence suggests memory corruption is possible.
Recommendations Update Firefox to version 146 or later. Update Firefox ESR to version 140.6 or later. Update Thunderbird to version 146 or later. Update Thunderbird ESR to version 140.6 or later.

Fix

DoS

Buffer Overflow

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-119CWE-787

Related Identifiers

ALSA-2025:23034
ALSA-2025:23035
ALSA-2025:23128
ALSA-2025:23856
ALSA-2026:0025
ALSA-2026:0026
BDU:2025-15642
CVE-2025-14333
DLA-4401-1
DLA-4405-1
DSA-6078-1
DSA-6081-1
MGASA-2025-0328
MGASA-2025-0329
OESA-2026-1085
OESA-2026-1086
OESA-2026-1088
OESA-2026-1089
OESA-2026-1090
OESA-2026-1264
OESA-2026-1285
OPENSUSE-SU-2025:15809-1
OPENSUSE-SU-2025:15813-1
OPENSUSE-SU-2025:15814-1
OPENSUSE-SU-2026:20014-1
OPENSUSE-SU-2026:20046-1
RHSA-2026:0003
RHSA-2026:0004
RHSA-2026:0005
RHSA-2026:0006
RHSA-2026:0007
RHSA-2026:0013
RHSA-2026:0014
RHSA-2026:0015
RHSA-2026:0016
RHSA-2026:0017
RHSA-2026:0018
RHSA-2026:0019
RHSA-2026:0020
RHSA-2026:0021
RHSA-2026:0022
RHSA-2026:0023
RHSA-2026:0024
RHSA-2026:0025
RHSA-2026:0026
RHSA-2026:0124
RHSA-2026:0127
SUSE-SU-2025:4396-1
SUSE-SU-2025:4397-1
SUSE-SU-2025:4424-1
SUSE-SU-2026:20031-1

Affected Products

Alt Linux
Almalinux
Centos
Debian
Firefox
Firefox Esr
Red Hat
Rocky Linux
Thunderbird
Thunderbird Esr