Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2025-5266

Script elements loading cross-origin resources generated load and error events which leaked information enabling XS-Leaks attacks. This vulnerability affects Firefox < 139, Firefox ESR < 128.11, Thunderbird < 139, and Thunderbird < 128.11.

  • Published: May 27, 2025
  • Updated: Jun 12, 2025
  • CVE: CVE-2025-5266
  • Exploit:

No technical information available.

No CWE or OWASP classifications available.

Software From Fixed in
mozilla / firefox - 128.11.0
mozilla / firefox - 139.0