8.1
CVE-2025-8032 - XSLT documents could bypass CSP
XSLT document loading did not correctly propagate the source document which bypassed its CSP. This vulnerability was fixed in Firefox 141, Firefox ESR 128.13, Firefox ESR 140.1, Thunderbird 141, Thunderbird 128.13, and Thunderbird 140.1.
8.1
CVE-2025-8036 - DNS rebinding circumvents CORS
Thunderbird cached CORS preflight responses across IP address changes. This allowed circumventing CORS with DNS rebinding. This vulnerability was fixed in Firefox 141, Firefox ESR 140.1, Thunderbird 141, and Thunderbird 140.1.
8.1
CVE-2025-8030 - Potential user-assisted code execution in โCopy as cURLโ command
Insufficient escaping in the โCopy as cURLโ feature could potentially be used to trick a user into executing unexpected code. This vulnerability was fixed in Firefox 141, Firefox ESR 128.13, Firefox ESR 140.1, Thunderbird 141, Thunderbird 128.13, and Thunderbird 140.1.
9.1
CVE-2025-8037 - Nameless cookies shadow secure cookies
Setting a nameless cookie with an equals sign in the value shadowed other cookies. Even if the nameless cookie was set over HTTP and the shadowed cookie included the `Secure` attribute. This vulnerability was fixed in Firefox 141, Firefox ESR 140.1, Thunderbird 141, and Thunderbird 140.1.
8.1
CVE-2025-8029 - javascript: URLs executed on object and embed tags
Thunderbird executed `javascript:` URLs when used in `object` and `embed` tags. This vulnerability was fixed in Firefox 141, Firefox ESR 128.13, Firefox ESR 140.1, Thunderbird 141, Thunderbird 128.13, and Thunderbird 140.1.
6.5
CVE-2025-8027 - JavaScript engine only wrote partial return value to stack
On 64-bit platforms IonMonkey-JIT only wrote 32 bits of the 64-bit return value space on the stack. Baseline-JIT, however, read the entire 64 bits. This vulnerability was fixed in Firefox 141, Firefox ESR 115.26, Firefox ESR 128.13, Firefox ESR 140.1, Thunderbird 141, Thunderbird 128.13, and Thundeโฆ
9.8
CVE-2025-8028 - Large branch table could lead to truncated instruction
On arm64, a WASM `br_table` instruction with a lot of entries could lead to the label being too far from the instruction causing truncation and incorrect computation of the branch address. This vulnerability was fixed in Firefox 141, Firefox ESR 115.26, Firefox ESR 128.13, Firefox ESR 140.1, Thundeโฆ
8.7
CVE-2025-7724 - Unauthenticated command injection on VIGI NVR1104H-4P V1 and VIGI NVR2016H-16MP V2
An unauthenticated OS command injection vulnerability existsย in VIGI NVR1104H-4P V1 and VIGI NVR2016H-16MP V2.This issue affects VIGI NVR1104H-4P V1: before 1.1.5 Build 250518; VIGI NVR2016H-16MP V2: before 1.3.1 Build 250407.
8.5
CVE-2025-7723 - Authenticated command injection on VIGI NVR1104H-4P V1 and VIGI NVR2016H-16MP V2
A command injection vulnerability exists that can be exploited after authenticationย in VIGI NVR1104H-4P V1 and VIGI NVR2016H-16MP V2.This issue affects VIGI NVR1104H-4P V1: before 1.1.5 Build 250518; VIGI NVR2016H-16MP V2: before 1.3.1 Build 250407.
4.5
CVE-2024-38335 - IBM Security QRadar Network Threat Analytics denial of service
IBM Security QRadar Network Threat Analytics 1.0.0 through 1.3.1 could allow a privileged user to cause a denial of service due to improper allocation of resources.