Multiple Mozilla Firefox Vulnerabilities

Severity

High

Analysis Summary

CVE-2025-14860 CVSS:8.8

Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free in the Disability Access APIs component. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability using unknown attack vectors to execute arbitrary code on the vulnerable system or cause a denial of service.

CVE-2025-14861 CVSS:8.8

Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system, caused by memory safety bugs within the browser engine. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability using unknown attack vectors to execute arbitrary code on the vulnerable system or cause a denial of service.

Impact

Code Execution
Denial of Service

Indicators of Compromise

CVE

CVE-2025-14860
CVE-2025-14861

Affected Vendors

Mozilla

Affected Products

Mozilla Firefox 146.0.0

Remediation

Refer to Mozilla Foundation Security Advisory for patch, upgrade or suggested workaround information.

Mozilla Foundation Security Advisory

RedLine Stealer – Active IOCs

Multiple Zoho ManageEngine Vulnerabilities

Multiple Mozilla Firefox Vulnerabilities

Severity

High

Analysis Summary

Indicators of Compromise

CVE

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan