CVE-2025-6426

Summary

The executable file warning did not warn users before opening files with the terminal extension. This bug only affects Firefox for macOS. Other versions of Firefox are unaffected.. This vulnerability was fixed in Firefox 140, Firefox ESR 128.12, Thunderbird 140, and Thunderbird 128.12.

Affected Software

VendorProductVersion RangeStatus
MozillaFirefox128.12 <= 128.*unaffected
MozillaFirefox140 <= *unaffected
MozillaThunderbird128.12 <= 128.*unaffected
MozillaThunderbird140 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References