Security Advisory

CVE-2025-11719

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-10-14 12:27:36

Last updated 2026-04-13 14:31:23

Assigner mozilla

State PUBLISHED

Description

Starting in Thunderbird 143, the use of the native messaging API by web extensions on Windows could lead to crashes caused by use-after-free memory corruption. This vulnerability was fixed in Firefox 144 and Thunderbird 144.

← Browse all CVEs View on cve.org ↗