CVE-2025-6425 Information

Description

An attacker who enumerated resources from the WebCompat extension could have obtained a persistent UUID that identified the browser and persisted between containers and normal/private browsing mode but not profiles. This vulnerability affects Firefox < 140 Firefox ESR < 115.25 and Firefox ESR < 128.12.

Reference

https://bugzilla.mozilla.org/show_bug.cgi?id=1717672 https://www.mozilla.org/security/advisories/mfsa2025-51/ https://www.mozilla.org/security/advisories/mfsa2025-52/ https://www.mozilla.org/security/advisories/mfsa2025-53/

Related CNNVD

CNNVD-202506-3008 (Published: 2025-06-24)