{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-14323", "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "state": "PUBLISHED", "assignerShortName": "mozilla", "dateReserved": "2025-12-09T13:37:55.768Z", "datePublished": "2025-12-09T13:37:56.358Z", "dateUpdated": "2026-04-13T14:25:31.606Z"}, "containers": {"cna": {"affected": [{"product": "Firefox", "vendor": "Mozilla", "versions": [{"status": "unaffected", "version": "115.31", "lessThanOrEqual": "115.*", "versionType": "rpm"}, {"status": "unaffected", "version": "140.6", "lessThanOrEqual": "140.*", "versionType": "rpm"}, {"status": "unaffected", "version": "146", "lessThanOrEqual": "*", "versionType": "rpm"}]}, {"product": "Thunderbird", "vendor": "Mozilla", "versions": [{"status": "unaffected", "version": "140.6", "lessThanOrEqual": "140.*", "versionType": "rpm"}, {"status": "unaffected", "version": "146", "lessThanOrEqual": "*", "versionType": "rpm"}]}], "descriptions": [{"lang": "en", "value": "Privilege escalation in the DOM: Notifications component. This vulnerability was fixed in Firefox 146, Firefox ESR 115.31, Firefox ESR 140.6, Thunderbird 146, and Thunderbird 140.6.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "Privilege escalation in the DOM: Notifications component. This vulnerability was fixed in Firefox 146, Firefox ESR 115.31, Firefox ESR 140.6, Thunderbird 146, and Thunderbird 140.6."}]}], "title": "Privilege escalation in the DOM: Notifications component", "references": [{"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1996555"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2025-92/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2025-93/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2025-94/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2025-95/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2025-96/"}], "credits": [{"lang": "en", "value": "tiebuchen"}], "providerMetadata": {"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla", "dateUpdated": "2026-04-13T14:25:31.606Z"}}, "adp": [{"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-14323", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-12-10T04:57:12.450670Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "description": "CWE-noinfo Not enough information"}]}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-26T16:57:08.149Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-14323", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-12-10T04:57:12.450670Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "description": "CWE-noinfo Not enough information"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-12-09T15:24:14.635Z"}}], "cna": {"title": "Privilege escalation in the DOM: Notifications component", "credits": [{"lang": "en", "value": "tiebuchen"}], "affected": [{"vendor": "Mozilla", "product": "Firefox", "versions": [{"status": "unaffected", "version": "115.31", "versionType": "rpm", "lessThanOrEqual": "115.*"}, {"status": "unaffected", "version": "140.6", "versionType": "rpm", "lessThanOrEqual": "140.*"}, {"status": "unaffected", "version": "146", "versionType": "rpm", "lessThanOrEqual": "*"}]}, {"vendor": "Mozilla", "product": "Thunderbird", "versions": [{"status": "unaffected", "version": "140.6", "versionType": "rpm", "lessThanOrEqual": "140.*"}, {"status": "unaffected", "version": "146", "versionType": "rpm", "lessThanOrEqual": "*"}]}], "references": [{"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1996555"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2025-92/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2025-93/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2025-94/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2025-95/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2025-96/"}], "descriptions": [{"lang": "en", "value": "Privilege escalation in the DOM: Notifications component. This vulnerability was fixed in Firefox 146, Firefox ESR 115.31, Firefox ESR 140.6, Thunderbird 146, and Thunderbird 140.6.", "supportingMedia": [{"type": "text/html", "value": "Privilege escalation in the DOM: Notifications component. This vulnerability was fixed in Firefox 146, Firefox ESR 115.31, Firefox ESR 140.6, Thunderbird 146, and Thunderbird 140.6.", "base64": false}]}], "providerMetadata": {"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla", "dateUpdated": "2026-04-13T14:25:31.606Z"}}}, "cveMetadata": {"cveId": "CVE-2025-14323", "state": "PUBLISHED", "dateUpdated": "2026-04-13T14:25:31.606Z", "dateReserved": "2025-12-09T13:37:55.768Z", "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "datePublished": "2025-12-09T13:37:56.358Z", "assignerShortName": "mozilla"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:*", "matchCriteriaId": "22C1C512-2D57-4BCB-ABE2-5CA41F354AA1", "versionEndExcluding": "115.31.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:-:*:*:*", "matchCriteriaId": "3EF4CBBC-DCB5-4540-8B8A-91DA759ED631", "versionEndExcluding": "146.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:*", "matchCriteriaId": "AB211B63-E6CF-4D11-BCEE-CF495FA0B0EF", "versionEndExcluding": "140.6.0", "versionStartIncluding": "116.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:esr:*:*:*", "matchCriteriaId": "F04F8674-52CC-4217-B94A-8C5E80C5B996", "versionEndExcluding": "140.6.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:-:*:*:*", "matchCriteriaId": "1CB46BC7-512D-45BF-BCF4-73FDDF94DBAF", "versionEndExcluding": "146.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Privilege escalation in the DOM: Notifications component. This vulnerability was fixed in Firefox 146, Firefox ESR 115.31, Firefox ESR 140.6, Thunderbird 146, and Thunderbird 140.6."}], "id": "CVE-2025-14323", "lastModified": "2026-04-13T15:16:45.220", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2025-12-09T16:17:39.700", "references": [{"source": "security@mozilla.org", "tags": ["Issue Tracking", "Permissions Required"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1996555"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2025-92/"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2025-93/"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2025-94/"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2025-95/"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2025-96/"}], "sourceIdentifier": "security@mozilla.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "firefox: Privilege escalation in the DOM: Notifications component", "id": "2420513", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2420513"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.5", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "status": "draft"}, "details": ["No description is available for this CVE."], "name": "CVE-2025-14323", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Affected", "package_name": "firefox", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Affected", "package_name": "rhel10/firefox-flatpak", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "firefox", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Affected", "package_name": "firefox", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "firefox", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "firefox", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-12-09T13:37:56Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-14323\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-14323\nhttps://www.mozilla.org/security/advisories/mfsa2025-94/#CVE-2025-14323"], "statement": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.", "threat_severity": "Important"}

{"analysis": {"en": {"generated_at": "2026-04-22T03:51:33.962285+00:00", "value": {"mitigation_remediation": ["Upgrade to Mozilla Firefox 146 or newer (or ESR 115.31 or newer) and to Mozilla Thunderbird 146 or newer (or ESR 140.6 or newer).", "Disable the Notifications API in the browser\u2019s settings (e.g., via about:config or site permissions) until the patch is applied.", "Use trusted extensions, such as content blockers, to suppress or filter notification requests from untrusted origins as a temporary measure."], "summary": {"action": "Immediate Patch", "impact": "Privilege escalation via browser notifications"}, "threat_synthesis": {"affected_systems": "Mozilla Firefox versions older than 146, Firefox ESR releases older than 115.31 and 140.6, Mozilla Thunderbird versions older than 146, and Thunderbird ESR releases earlier than 140.6 are affected.", "description_and_impact": "The flaw lies in the DOM Notifications component of Mozilla Firefox and Thunderbird. It allows a malicious web page that invokes the Notifications API to bypass normal access controls and elevate its privileges within the browser\u2019s execution context. Based on the description, it is inferred that the attacker can exploit the bug simply by hosting a site that triggers a notification request, thereby gaining higher privileges that can affect the local user\u2019s data or enable additional malicious behaviour.", "risk_and_exploitability": "The CVSS score of 8.8 indicates high severity, while the EPSS score of less than 1% indicates a low but nonzero exploitation probability. The vulnerability is not listed in the CISA KEV catalog. The likely attack vector is a malicious site that invokes the Notifications API, exploiting insufficient validation or permissions within the browser."}}}}, "created": "2025-12-10T17:50:56.587266+00:00", "updated": "2026-04-22T04:00:07.990835+00:00", "vendors": ["mozilla", "mozilla$PRODUCT$firefox", "mozilla$PRODUCT$firefox_esr"]}