- Description
- Incorrect boundary conditions in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Thunderbird < 145, and Thunderbird < 140.5.
- Source
- security@mozilla.org
- NVD status
- Modified
- Products
- firefox
CVSS 3.1
- Type
- Secondary
- Base score
- 7.5
- Impact score
- 5.9
- Exploitability score
- 1.6
- Vector string
- CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
- Severity
- HIGH
- nvd@nist.gov
- NVD-CWE-noinfo
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-703
- Hype score
- Not currently trending
A newly discovered WebAssembly flaw in Firefox exposed more than 180 million users after a subtle memory error went unnoticed for six months. Identified as CVE-2025-13016, the bug slipped past review and testing before being detected by Aisle’s autonomous analyzer. The issue h
@securityblvd
4 Dec 2025
76 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨 Mozilla Firefox [—] Dec 02, 2025 Product Security Advisory regarding CVE-2025-13016, a high-severity WebAssembly boundary condition vulnerability. Checkout our Threat Intelligence Platform: https://t.co/QuwNtEgYh1 https://t.co/QuwNtEgYh1 #LLM https://t.co/A3qzxYuzow
@transilienceai
2 Dec 2025
59 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️ Massive Firefox vulnerability! CVE-2025-13016 affects 180 MILLION users. Update your browser NOW to patch this critical flaw and stay safe! #FirefoxPatch #VulnerabilityAlert https://t.co/2jd0VmK0RP
@xcybersecnews
30 Nov 2025
42 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
FirefoxのWebAssembly実装に深刻な脆弱性(CVE-2025-13016) https://t.co/HYEqMzjNrL #セキュリティ対策Lab #セキュリティ #Security #サイバー攻撃
@securityLab_jp
28 Nov 2025
90 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
AI security firm AISLE revealed CVE-2025-13016, a critical Firefox Wasm bug that risked 180M users for six months. https://t.co/0pohKtgMmg
@blackwired32799
27 Nov 2025
46 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Update Firefox to Patch CVE-2025-13016 Vulnerability Affecting 180 Million Users – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More #TrustValleyCH https://t.co/77UG1baoiX
@TrustValleyCH
26 Nov 2025
147 Impressions
0 Retweets
4 Likes
1 Bookmark
0 Replies
0 Quotes
🚨 #Firefox alert - CVE-2025-13016 puts ~180 million users at risk. A memory-safety flaw in Firefox’s WebAssembly engine can allow remote code execution via malformed WebAssembly payloads. Affected: Firefox < 145, Firefox ESR < 140.5, plus some versions of Thunderbird
@MNovofastovsky
26 Nov 2025
54 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Update Firefox to Patch CVE-2025-13016 Vulnerability Affecting 180 Million Users https://t.co/zh3f7vaGAY
@Dinosn
25 Nov 2025
1248 Impressions
0 Retweets
4 Likes
4 Bookmarks
0 Replies
0 Quotes
We've found a high-severity zero-day vulnerability in Firefox using @WeAreAisle's autonomous AI security system. It's now going by the name of CVE-2025-13016. If you're interested, here's my detailed technical blog post: https://t.co/o13azuTBw0 https://t.co/Jv3WbkChRH
@stanislavfort
24 Nov 2025
8355 Impressions
24 Retweets
115 Likes
58 Bookmarks
4 Replies
0 Quotes
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:*",
"matchCriteriaId": "D77916A6-B8C6-475D-8D77-D5D3AA1E1F43",
"versionEndExcluding": "140.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:-:*:*:*",
"matchCriteriaId": "445D5AED-0882-46FE-A5F1-B7148B923221",
"versionEndExcluding": "145.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]