CVE-2025-11709

Published: Oct 14, 2025Modified: Apr 13, 2026

9.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

A compromised web process was able to trigger out of bounds reads and writes in a more privileged process using manipulated WebGL textures. This vulnerability was fixed in Firefox 144, Firefox ESR 115.29, Firefox ESR 140.4, Thunderbird 144, and Thunderbird 140.4.

Affected (4)

Products: Mozilla: Firefox, Thunderbird

2 products

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Mozilla Firefox	Before 144.0
Mozilla Firefox	Before 115.29.0
Mozilla Firefox	From 116.0 to 140.4.0
Mozilla Thunderbird	Before 144.0

Related CWEs

Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

References (8)

https://bugzilla.mozilla.org/show_bug.cgi?id=1989127

Source: security@mozilla.org

Issue TrackingPermissions Required

https://www.mozilla.org/security/advisories/mfsa2025-81/

Source: security@mozilla.org

Vendor Advisory

https://www.mozilla.org/security/advisories/mfsa2025-82/

Source: security@mozilla.org

Vendor Advisory

https://www.mozilla.org/security/advisories/mfsa2025-83/

Source: security@mozilla.org

Vendor Advisory

https://www.mozilla.org/security/advisories/mfsa2025-84/

Source: security@mozilla.org

Vendor Advisory

https://www.mozilla.org/security/advisories/mfsa2025-85/

Source: security@mozilla.org

Vendor Advisory

https://lists.debian.org/debian-lts-announce/2025/10/msg00015.html

Source: af854a3a-2127-422b-91ae-364da2661108

https://lists.debian.org/debian-lts-announce/2025/10/msg00031.html

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.