CVE-2025-4919 – Mozilla Firefox Zero-Day Vulnerability

Severity

High

Analysis Summary

CVE-2025-4919

Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds read or write on a JavaScript object by confusing array index sizes. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability using unknown attack vectors to execute arbitrary code on the vulnerable system or cause a denial of service.

Impact

Denial of Service
Code Execution

Indicators of Compromise

CVE

CVE-2025-4919

Affected Vendors

Mozilla

Affected Products

Mozilla Firefox ESR - 128.10.0
Mozilla Firefox - 138.0.3
Mozilla Firefox ESR - 115.23.0

Remediation

Refer to Mozilla Foundation Security Advisory for patch, upgrade or suggested workaround information.

Mozilla Foundation Security Advisory

CVE-2025-41232 – VMware Tanzu Spring Security Vulnerability

Multiple Trend Micro Apex Zero-Day Vulnerabilities

CVE-2025-4919 – Mozilla Firefox Zero-Day Vulnerability

Severity

High

Analysis Summary

Indicators of Compromise

CVE

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan