{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-6425", "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "state": "PUBLISHED", "assignerShortName": "mozilla", "dateReserved": "2025-06-20T14:51:28.050Z", "datePublished": "2025-06-24T12:27:59.987Z", "dateUpdated": "2026-04-13T14:26:06.659Z"}, "containers": {"cna": {"affected": [{"product": "Firefox", "vendor": "Mozilla", "versions": [{"status": "unaffected", "version": "115.25", "lessThanOrEqual": "115.*", "versionType": "rpm"}, {"status": "unaffected", "version": "128.12", "lessThanOrEqual": "128.*", "versionType": "rpm"}, {"status": "unaffected", "version": "140", "lessThanOrEqual": "*", "versionType": "rpm"}]}, {"product": "Thunderbird", "vendor": "Mozilla", "versions": [{"status": "unaffected", "version": "128.12", "lessThanOrEqual": "128.*", "versionType": "rpm"}, {"status": "unaffected", "version": "140", "lessThanOrEqual": "*", "versionType": "rpm"}]}], "descriptions": [{"lang": "en", "value": "An attacker who enumerated resources from the WebCompat extension could have obtained a persistent UUID that identified the browser, and persisted between containers and normal/private browsing mode, but not profiles. This vulnerability was fixed in Firefox 140, Firefox ESR 115.25, Firefox ESR 128.12, Thunderbird 140, and Thunderbird 128.12.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "An attacker who enumerated resources from the WebCompat extension could have obtained a persistent UUID that identified the browser, and persisted between containers and normal/private browsing mode, but not profiles. This vulnerability was fixed in Firefox 140, Firefox ESR 115.25, Firefox ESR 128.12, Thunderbird 140, and Thunderbird 128.12."}]}], "title": "The WebCompat WebExtension shipped with Firefox exposed a persistent UUID", "references": [{"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1717672"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2025-51/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2025-52/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2025-53/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2025-54/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2025-55/"}], "credits": [{"lang": "en", "value": "Rob Wu"}], "providerMetadata": {"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla", "dateUpdated": "2026-04-13T14:26:06.659Z"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-200", "lang": "en", "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2025-06-25T14:21:41.910497Z", "id": "CVE-2025-6425", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-06-25T14:30:48.734Z"}}, {"title": "CVE Program Container", "references": [{"url": "https://lists.debian.org/debian-lts-announce/2025/07/msg00002.html"}, {"url": "https://lists.debian.org/debian-lts-announce/2025/06/msg00029.html"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-11-03T20:07:00.354Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://lists.debian.org/debian-lts-announce/2025/07/msg00002.html"}, {"url": "https://lists.debian.org/debian-lts-announce/2025/06/msg00029.html"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-11-03T20:07:00.354Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-6425", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-06-25T14:21:41.910497Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-200", "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-06-25T14:21:44.307Z"}}], "cna": {"title": "The WebCompat WebExtension shipped with Firefox exposed a persistent UUID", "credits": [{"lang": "en", "value": "Rob Wu"}], "affected": [{"vendor": "Mozilla", "product": "Firefox", "versions": [{"status": "unaffected", "version": "115.25", "versionType": "rpm", "lessThanOrEqual": "115.*"}, {"status": "unaffected", "version": "128.12", "versionType": "rpm", "lessThanOrEqual": "128.*"}, {"status": "unaffected", "version": "140", "versionType": "rpm", "lessThanOrEqual": "*"}]}, {"vendor": "Mozilla", "product": "Thunderbird", "versions": [{"status": "unaffected", "version": "128.12", "versionType": "rpm", "lessThanOrEqual": "128.*"}, {"status": "unaffected", "version": "140", "versionType": "rpm", "lessThanOrEqual": "*"}]}], "references": [{"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1717672"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2025-51/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2025-52/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2025-53/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2025-54/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2025-55/"}], "descriptions": [{"lang": "en", "value": "An attacker who enumerated resources from the WebCompat extension could have obtained a persistent UUID that identified the browser, and persisted between containers and normal/private browsing mode, but not profiles. This vulnerability was fixed in Firefox 140, Firefox ESR 115.25, Firefox ESR 128.12, Thunderbird 140, and Thunderbird 128.12.", "supportingMedia": [{"type": "text/html", "value": "An attacker who enumerated resources from the WebCompat extension could have obtained a persistent UUID that identified the browser, and persisted between containers and normal/private browsing mode, but not profiles. This vulnerability was fixed in Firefox 140, Firefox ESR 115.25, Firefox ESR 128.12, Thunderbird 140, and Thunderbird 128.12.", "base64": false}]}], "providerMetadata": {"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla", "dateUpdated": "2026-04-13T14:26:06.659Z"}}}, "cveMetadata": {"cveId": "CVE-2025-6425", "state": "PUBLISHED", "dateUpdated": "2026-04-13T14:26:06.659Z", "dateReserved": "2025-06-20T14:51:28.050Z", "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "datePublished": "2025-06-24T12:27:59.987Z", "assignerShortName": "mozilla"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:*", "matchCriteriaId": "CC066347-9B64-4991-AD04-A52785491963", "versionEndExcluding": "115.25.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:-:*:*:*", "matchCriteriaId": "77D2BF2A-26A3-4664-93B5-B41BCF17AC9E", "versionEndExcluding": "140.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:*", "matchCriteriaId": "152204C0-14F9-4342-8BDF-EE016A70C203", "versionEndExcluding": "128.12.0", "versionStartIncluding": "116.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An attacker who enumerated resources from the WebCompat extension could have obtained a persistent UUID that identified the browser, and persisted between containers and normal/private browsing mode, but not profiles. This vulnerability was fixed in Firefox 140, Firefox ESR 115.25, Firefox ESR 128.12, Thunderbird 140, and Thunderbird 128.12."}, {"lang": "es", "value": "Un atacante que enumerara recursos desde la extensi\u00f3n WebCompat podr\u00eda haber obtenido un UUID persistente que identificaba el navegador y persist\u00eda entre contenedores y el modo de navegaci\u00f3n normal/privado, pero no entre perfiles. Esta vulnerabilidad afecta a Firefox < 140, Firefox ESR < 115.25 y Firefox ESR < 128.12."}], "id": "CVE-2025-6425", "lastModified": "2026-04-13T15:17:06.333", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2025-06-24T13:15:23.403", "references": [{"source": "security@mozilla.org", "tags": ["Issue Tracking", "Vendor Advisory"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1717672"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2025-51/"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2025-52/"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2025-53/"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2025-54/"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2025-55/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.debian.org/debian-lts-announce/2025/06/msg00029.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.debian.org/debian-lts-announce/2025/07/msg00002.html"}], "sourceIdentifier": "security@mozilla.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{"affected_release": [{"advisory": "RHSA-2025:10073", "cpe": "cpe:/o:redhat:enterprise_linux:10.0", "package": "firefox-0:128.12.0-1.el10_0", "product_name": "Red Hat Enterprise Linux 10", "release_date": "2025-07-01T00:00:00Z"}, {"advisory": "RHSA-2025:10195", "cpe": "cpe:/o:redhat:enterprise_linux:10.0", "package": "thunderbird-0:128.12.0-1.el10_0", "product_name": "Red Hat Enterprise Linux 10", "release_date": "2025-07-02T00:00:00Z"}, {"advisory": "RHSA-2025:10181", "cpe": "cpe:/o:redhat:rhel_els:7", "package": "firefox-0:128.12.0-1.el7_9", "product_name": "Red Hat Enterprise Linux 7 Extended Lifecycle Support", "release_date": "2025-07-02T00:00:00Z"}, {"advisory": "RHSA-2025:10074", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "firefox-0:128.12.0-1.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2025-07-01T00:00:00Z"}, {"advisory": "RHSA-2025:10246", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "thunderbird-0:128.12.0-1.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2025-07-02T00:00:00Z"}, {"advisory": "RHSA-2025:10166", "cpe": "cpe:/a:redhat:rhel_aus:8.2", "package": "thunderbird-0:128.12.0-1.el8_2", "product_name": "Red Hat Enterprise Linux 8.2 Advanced Update Support", "release_date": "2025-07-01T00:00:00Z"}, {"advisory": "RHSA-2025:10182", "cpe": "cpe:/a:redhat:rhel_aus:8.2", "package": "firefox-0:128.12.0-1.el8_2", "product_name": "Red Hat Enterprise Linux 8.2 Advanced Update Support", "release_date": "2025-07-02T00:00:00Z"}, {"advisory": "RHSA-2025:10165", "cpe": "cpe:/a:redhat:rhel_aus:8.4", "package": "thunderbird-0:128.12.0-1.el8_4", "product_name": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support", "release_date": "2025-07-01T00:00:00Z"}, {"advisory": "RHSA-2025:10184", "cpe": "cpe:/a:redhat:rhel_aus:8.4", "package": "firefox-0:128.12.0-1.el8_4", "product_name": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support", "release_date": "2025-07-02T00:00:00Z"}, {"advisory": "RHSA-2025:10164", "cpe": "cpe:/a:redhat:rhel_aus:8.6", "package": "thunderbird-0:128.12.0-1.el8_6", "product_name": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support", "release_date": "2025-07-01T00:00:00Z"}, {"advisory": "RHSA-2025:10183", "cpe": "cpe:/a:redhat:rhel_aus:8.6", "package": "firefox-0:128.12.0-1.el8_6", "product_name": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support", "release_date": "2025-07-02T00:00:00Z"}, {"advisory": "RHSA-2025:10164", "cpe": "cpe:/a:redhat:rhel_tus:8.6", "package": "thunderbird-0:128.12.0-1.el8_6", "product_name": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service", "release_date": "2025-07-01T00:00:00Z"}, {"advisory": "RHSA-2025:10183", "cpe": "cpe:/a:redhat:rhel_tus:8.6", "package": "firefox-0:128.12.0-1.el8_6", "product_name": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service", "release_date": "2025-07-02T00:00:00Z"}, {"advisory": "RHSA-2025:10164", "cpe": "cpe:/a:redhat:rhel_e4s:8.6", "package": "thunderbird-0:128.12.0-1.el8_6", "product_name": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions", "release_date": "2025-07-01T00:00:00Z"}, {"advisory": "RHSA-2025:10183", "cpe": "cpe:/a:redhat:rhel_e4s:8.6", "package": "firefox-0:128.12.0-1.el8_6", "product_name": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions", "release_date": "2025-07-02T00:00:00Z"}, {"advisory": "RHSA-2025:10163", "cpe": "cpe:/a:redhat:rhel_tus:8.8", "package": "thunderbird-0:128.12.0-1.el8_8", "product_name": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service", "release_date": "2025-07-01T00:00:00Z"}, {"advisory": "RHSA-2025:10186", "cpe": "cpe:/a:redhat:rhel_tus:8.8", "package": "firefox-0:128.12.0-1.el8_8", "product_name": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service", "release_date": "2025-07-02T00:00:00Z"}, {"advisory": "RHSA-2025:10163", "cpe": "cpe:/a:redhat:rhel_e4s:8.8", "package": "thunderbird-0:128.12.0-1.el8_8", "product_name": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions", "release_date": "2025-07-01T00:00:00Z"}, {"advisory": "RHSA-2025:10186", "cpe": "cpe:/a:redhat:rhel_e4s:8.8", "package": "firefox-0:128.12.0-1.el8_8", "product_name": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions", "release_date": "2025-07-02T00:00:00Z"}, {"advisory": "RHSA-2025:10072", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "firefox-0:128.12.0-1.el9_6", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2025-07-01T00:00:00Z"}, {"advisory": "RHSA-2025:10196", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "thunderbird-0:128.12.0-1.el9_6", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2025-07-02T00:00:00Z"}, {"advisory": "RHSA-2025:10161", "cpe": "cpe:/a:redhat:rhel_e4s:9.0", "package": "thunderbird-0:128.12.0-1.el9_0", "product_name": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions", "release_date": "2025-07-01T00:00:00Z"}, {"advisory": "RHSA-2025:10187", "cpe": "cpe:/a:redhat:rhel_e4s:9.0", "package": "firefox-0:128.12.0-1.el9_0", "product_name": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions", "release_date": "2025-07-02T00:00:00Z"}, {"advisory": "RHSA-2025:10160", "cpe": "cpe:/a:redhat:rhel_e4s:9.2", "package": "thunderbird-0:128.12.0-1.el9_2", "product_name": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions", "release_date": "2025-07-01T00:00:00Z"}, {"advisory": "RHSA-2025:10185", "cpe": "cpe:/a:redhat:rhel_e4s:9.2", "package": "firefox-0:128.12.0-1.el9_2", "product_name": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions", "release_date": "2025-07-02T00:00:00Z"}, {"advisory": "RHSA-2025:10159", "cpe": "cpe:/a:redhat:rhel_eus:9.4", "package": "thunderbird-0:128.12.0-1.el9_4", "product_name": "Red Hat Enterprise Linux 9.4 Extended Update Support", "release_date": "2025-07-01T00:00:00Z"}, {"advisory": "RHSA-2025:10188", "cpe": "cpe:/a:redhat:rhel_eus:9.4", "package": "firefox-0:128.12.0-1.el9_4", "product_name": "Red Hat Enterprise Linux 9.4 Extended Update Support", "release_date": "2025-07-02T00:00:00Z"}], "bugzilla": {"description": "firefox: thunderbird: The WebCompat WebExtension shipped with Firefox exposed a persistent UUID", "id": "2374562", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2374562"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.1", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "status": "verified"}, "cwe": "CWE-200", "details": ["An attacker who enumerated resources from the WebCompat extension could have obtained a persistent UUID that identified the browser, and persisted between containers and normal/private browsing mode, but not profiles. This vulnerability affects Firefox < 140, Firefox ESR < 115.25, Firefox ESR < 128.12, Thunderbird < 140, and Thunderbird < 128.12.", "A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: An attacker who enumerated resources from the WebCompat extension could have obtained a persistent UUID that identified the browser and persisted between containers and normal/private browsing mode but not profiles."], "name": "CVE-2025-6425", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Affected", "package_name": "rhel10/firefox-flatpak", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Affected", "package_name": "rhel10/thunderbird-flatpak", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "firefox", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "thunderbird", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "thunderbird", "product_name": "Red Hat Enterprise Linux 7"}], "public_date": "2025-06-24T12:27:59Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-6425\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-6425\nhttps://www.mozilla.org/security/advisories/mfsa2025-53/#CVE-2025-6425"], "statement": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.", "threat_severity": "Moderate"}

{"analysis": {"en": {"generated_at": "2026-04-20T18:11:10.042517+00:00", "value": {"mitigation_remediation": ["Upgrade to Firefox 140, Firefox ESR 115.25 or newer, or Firefox ESR 128.12, and to Thunderbird 140 or Thunderbird ESR 128.12, which contain the fix.", "If the upgrade cannot be performed immediately, disable or remove the WebCompat extension to prevent UUID extraction.", "Monitor for any tracking or data collection that could use the UUID; review browser logs for suspicious external requests."], "summary": {"action": "Update Browser", "impact": "Information Exposure"}, "threat_synthesis": {"affected_systems": "Mozilla Firefox versions older than 140, including all ESR releases prior to 115.25 and 128.12, as well as Mozilla Thunderbird versions older than 140, including ESR 128.12. The vulnerability also affects systems that ship bundled packages of these browsers, such as Red\u202fHat Enterprise Linux\u202f8,\u202f9,\u202f10, and their variations, where the extension is preinstalled. Any device running one of these affected browsers is at risk unless the browser has been updated to a patched release.", "description_and_impact": "The flaw in the WebCompat extension allows an attacker who enumerates its resource files to retrieve a UUID that is unique to the browser installation. This identifier remains the same across normal and private browsing modes as well as container instances, enabling continued tracking of the same browser even when the user switches profiles. Because the UUID persists at the browser level, the attacker can link multiple browsing sessions to a single user without requiring any active user involvement. This weakness is an information disclosure scenario, matching CWE-200.", "risk_and_exploitability": "The CVSS score of 4.3 indicates a moderate impact, and the EPSS score of less than 1% suggests a low likelihood of exploitation at the time of this analysis. It is not listed in CISA\u2019s KEV catalog, which further reduces the perceived threat level. Attackers would need to identify the extension\u2019s resources (a local or web-based enumeration step) and then read the UUID, after which they could use it to persistently identify the user across browsing contexts. No known public exploits have been reported, but the persistence nature of the data provides potentially significant privacy concerns."}}}}, "created": "2025-07-06T22:16:28.026894+00:00", "updated": "2026-04-20T18:15:13.618024+00:00", "vendors": ["mozilla", "mozilla$PRODUCT$firefox", "mozilla$PRODUCT$firefox_esr"]}