Mozilla Product Security Update Advisory
Overview
We have released security updates to fix vulnerabilities in Mozilla products. Users of affected products are advised to update to the latest version.
Affected Products
CVE-2025-14321, CVE-2025-14322, CVE-2025-14323, CVE-2025-14324, CVE-2025-14325
Firefox Versions: 146 and below
Firefox ESR Version: 115.31 and earlier
Firefox ESR version: 140.6 or earlier
Thunderbird version: 146 or lower
Thunderbird version: 140.6 or lower
Resolved Vulnerabilities
Memory post-free use vulnerability in WebRTC Signaling in Mozilla products (CVE-2025-14321)
Sandbox escape vulnerability due to a boundary condition error in Graphics in Mozilla products (CVE-2025-14322)
Privilege escalation vulnerability in the DOM of Mozilla products (CVE-2025-14323)
JIT miscompilation vulnerability in the JavaScript Engine JIT in Mozilla products (CVE-2025-14324)
JIT miscompilation vulnerability in the JavaScript Engine JIT in Mozilla products (CVE-2025-14325)
Vulnerability Patches
Vulnerability patches have been made available in the latest updates. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.
CVE-2025-14321, CVE-2025-14322, CVE-2025-14323, CVE-2025-14324, CVE-2025-14325
Firefox version: 146
Firefox ESR Version: 115.31
Firefox ESR version: 140.6
Thunderbird version: 146
Thunderbird version: 140.6
References
[1] December 9, 2025
https://www.mozilla.org/en-US/security/advisories/
[2] Security Vulnerabilities fixed in Thunderbird 140.6
https://www.mozilla.org/en-US/security/advisories/mfsa2025-96/
[3] Security Vulnerabilities fixed in Thunderbird 146
https://www.mozilla.org/en-US/security/advisories/mfsa2025-95/
[4] Security Vulnerabilities fixed in Firefox ESR 140.6
https://www.mozilla.org/en-US/security/advisories/mfsa2025-94/
[5] Security Vulnerabilities fixed in Firefox ESR 115.31
https://www.mozilla.org/en-US/security/advisories/mfsa2025-93/
[6] Security Vulnerabilities fixed in Firefox 146
https://www.mozilla.org/en-US/security/advisories/mfsa2025-92/