Vulnerability Database

289,689

Total vulnerabilities in the database

CVE-2025-5264

Due to insufficient escaping of the newline character in the “Copy as cURL” feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system. This vulnerability affects Firefox < 139, Firefox ESR < 115.24, Firefox ESR < 128.11, Thunderbird < 139, and Thunderbird < 128.11.

  • Published: May 27, 2025
  • Updated: Jun 12, 2025
  • CVE: CVE-2025-5264
  • Exploit:

No technical information available.

No CWE or OWASP classifications available.

Software From Fixed in
mozilla / firefox - 139.0
mozilla / firefox - 115.24.0
mozilla / firefox 116.0 128.11.0