{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-14325", "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "state": "PUBLISHED", "assignerShortName": "mozilla", "dateReserved": "2025-12-09T13:37:58.128Z", "datePublished": "2025-12-09T13:37:58.843Z", "dateUpdated": "2026-04-13T14:25:35.644Z"}, "containers": {"cna": {"affected": [{"product": "Firefox", "vendor": "Mozilla", "versions": [{"status": "unaffected", "version": "140.6", "lessThanOrEqual": "140.*", "versionType": "rpm"}, {"status": "unaffected", "version": "146", "lessThanOrEqual": "*", "versionType": "rpm"}]}, {"product": "Thunderbird", "vendor": "Mozilla", "versions": [{"status": "unaffected", "version": "140.6", "lessThanOrEqual": "140.*", "versionType": "rpm"}, {"status": "unaffected", "version": "146", "lessThanOrEqual": "*", "versionType": "rpm"}]}], "descriptions": [{"lang": "en", "value": "JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 146, Firefox ESR 140.6, Thunderbird 146, and Thunderbird 140.6.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 146, Firefox ESR 140.6, Thunderbird 146, and Thunderbird 140.6."}]}], "title": "JIT miscompilation in the JavaScript Engine: JIT component", "references": [{"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1998050"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2025-92/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2025-94/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2025-95/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2025-96/"}], "credits": [{"lang": "en", "value": "zx"}], "providerMetadata": {"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla", "dateUpdated": "2026-04-13T14:25:35.644Z"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-843", "lang": "en", "description": "CWE-843 Access of Resource Using Incompatible Type ('Type Confusion')"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.3, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2025-12-09T17:04:03.255293Z", "id": "CVE-2025-14325", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-07T15:11:20.728Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.3, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-14325", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-12-09T17:04:03.255293Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-843", "description": "CWE-843 Access of Resource Using Incompatible Type ('Type Confusion')"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-12-09T17:03:49.043Z"}}], "cna": {"title": "JIT miscompilation in the JavaScript Engine: JIT component", "credits": [{"lang": "en", "value": "zx"}], "affected": [{"vendor": "Mozilla", "product": "Firefox", "versions": [{"status": "unaffected", "version": "140.6", "versionType": "rpm", "lessThanOrEqual": "140.*"}, {"status": "unaffected", "version": "146", "versionType": "rpm", "lessThanOrEqual": "*"}]}, {"vendor": "Mozilla", "product": "Thunderbird", "versions": [{"status": "unaffected", "version": "140.6", "versionType": "rpm", "lessThanOrEqual": "140.*"}, {"status": "unaffected", "version": "146", "versionType": "rpm", "lessThanOrEqual": "*"}]}], "references": [{"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1998050"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2025-92/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2025-94/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2025-95/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2025-96/"}], "descriptions": [{"lang": "en", "value": "JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 146, Firefox ESR 140.6, Thunderbird 146, and Thunderbird 140.6.", "supportingMedia": [{"type": "text/html", "value": "JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 146, Firefox ESR 140.6, Thunderbird 146, and Thunderbird 140.6.", "base64": false}]}], "providerMetadata": {"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla", "dateUpdated": "2026-04-13T14:25:35.644Z"}}}, "cveMetadata": {"cveId": "CVE-2025-14325", "state": "PUBLISHED", "dateUpdated": "2026-04-13T14:25:35.644Z", "dateReserved": "2025-12-09T13:37:58.128Z", "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "datePublished": "2025-12-09T13:37:58.843Z", "assignerShortName": "mozilla"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:*", "matchCriteriaId": "A580DBD9-518B-4261-9FA8-DDFB1C5175E1", "versionEndExcluding": "140.6.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:-:*:*:*", "matchCriteriaId": "3EF4CBBC-DCB5-4540-8B8A-91DA759ED631", "versionEndExcluding": "146.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:esr:*:*:*", "matchCriteriaId": "F04F8674-52CC-4217-B94A-8C5E80C5B996", "versionEndExcluding": "140.6.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:-:*:*:*", "matchCriteriaId": "1CB46BC7-512D-45BF-BCF4-73FDDF94DBAF", "versionEndExcluding": "146.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 146, Firefox ESR 140.6, Thunderbird 146, and Thunderbird 140.6."}], "id": "CVE-2025-14325", "lastModified": "2026-04-13T15:16:45.593", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.4, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2025-12-09T16:17:40.010", "references": [{"source": "security@mozilla.org", "tags": ["Issue Tracking", "Permissions Required"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1998050"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2025-92/"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2025-94/"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2025-95/"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2025-96/"}], "sourceIdentifier": "security@mozilla.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-843"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{"bugzilla": {"description": "firefox: JIT miscompilation in the JavaScript Engine: JIT component", "id": "2420504", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2420504"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.5", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "status": "draft"}, "cwe": "CWE-94", "details": ["No description is available for this CVE."], "name": "CVE-2025-14325", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Affected", "package_name": "firefox", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Affected", "package_name": "rhel10/firefox-flatpak", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "firefox", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Affected", "package_name": "firefox", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "firefox", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "firefox", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-12-09T13:37:58Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-14325\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-14325\nhttps://www.mozilla.org/security/advisories/mfsa2025-94/#CVE-2025-14325"], "statement": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.", "threat_severity": "Important"}

{"analysis": {"en": {"generated_at": "2026-04-20T21:33:30.237354+00:00", "value": {"mitigation_remediation": ["Update Firefox to version\u202f146 or later, or to the ESR\u202f140.6 release series.", "Update Thunderbird to version\u202f146 or later, or to the ESR\u202f140.6 release series.", "As an interim measure, apply strict content security policies or sandboxing to limit execution of untrusted JavaScript if an upgrade cannot be performed immediately."], "summary": {"action": "Apply Patch", "impact": "Potential arbitrary native code execution"}, "threat_synthesis": {"affected_systems": "Mozilla products are affected, specifically Firefox and Thunderbird, including their ESR branches. Versions before Firefox\u202f146, Firefox\u202fESR\u202f140.6, Thunderbird\u202f146, and Thunderbird\u202fESR\u202f140.6 are vulnerable.", "description_and_impact": "The flaw is a miscompilation bug in the JavaScript engine\u2019s JIT component, leading to incorrect machine code generation. Based on the nature of JIT miscompilation, the vulnerability could permit execution of arbitrary native code, but this impact is inferred from the description. The weakness relates to CWE\u2011843 (data conversion errors) and CWE\u201194 (code injection).", "risk_and_exploitability": "The CVSS score of 7.3 indicates high severity, while the EPSS score of less than 1\u202f% suggests a low probability of exploitation currently. The vulnerability is not listed in CISA\u2019s KEV catalog. The likely attack vector is delivery of malicious JavaScript through a web page or webmail interface, inferred from the vulnerability affecting a JavaScript engine. Exploitation would require the attacker to supply crafted JavaScript to the victim\u2019s machine, which may be achieved via compromised websites or phishing emails. No public exploit is available, and the low EPSS score mitigates immediate threat, but the high severity warrants prompt remediation."}}}}, "created": "2025-12-10T17:51:48.257532+00:00", "updated": "2026-04-20T21:45:18.956580+00:00", "vendors": ["mozilla", "mozilla$PRODUCT$firefox", "mozilla$PRODUCT$firefox_esr"]}