CVE-2025-6435 Information

Description

If a user saved a response from the Network tab in Devtools using the Save As context menu option that file may not have been saved with the .download file extension. This could have led to the user inadvertently running a malicious executable. This vulnerability affects Firefox < 140.

Reference

https://bugzilla.mozilla.org/show_bug.cgi?id=1950056 https://bugzilla.mozilla.org/show_bug.cgi?id=1961777 https://www.mozilla.org/security/advisories/mfsa2025-51/

Related CNNVD

CNNVD-202506-3076 (Published: 2025-06-24)