Security Advisory

CVE-2025-11709

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-10-14 12:27:33

Last updated 2026-04-13 14:29:18

Assigner mozilla

State PUBLISHED

Description

A compromised web process was able to trigger out of bounds reads and writes in a more privileged process using manipulated WebGL textures. This vulnerability was fixed in Firefox 144, Firefox ESR 115.29, Firefox ESR 140.4, Thunderbird 144, and Thunderbird 140.4.

← Browse all CVEs View on cve.org ↗