Security Advisory

CVE-2025-10528

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-09-16 12:26:35

Last updated 2026-04-13 14:28:09

Assigner mozilla

State PUBLISHED

Description

Sandbox escape due to undefined behavior, invalid pointer in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 143, Firefox ESR 140.3, Thunderbird 143, and Thunderbird 140.3.

← Browse all CVEs View on cve.org ↗