AI description
CVE-2025-13016 involves incorrect boundary conditions within the JavaScript: WebAssembly component. This vulnerability affects several software applications. Specifically, the vulnerability impacts Firefox versions earlier than 145, Firefox ESR versions earlier than 140.5, Thunderbird versions earlier than 145, and Thunderbird versions earlier than 140.5.
- Description
- Incorrect boundary conditions in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Thunderbird < 145, and Thunderbird < 140.5.
- Source
- security@mozilla.org
- NVD status
- Modified
- Products
- firefox
CVSS 3.1
- Type
- Secondary
- Base score
- 7.5
- Impact score
- 5.9
- Exploitability score
- 1.6
- Vector string
- CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
- Severity
- HIGH
- nvd@nist.gov
- NVD-CWE-noinfo
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-703
- Hype score
- Not currently trending
A newly discovered WebAssembly flaw in Firefox exposed more than 180 million users after a subtle memory error went unnoticed for six months. Identified as CVE-2025-13016, the bug slipped past review and testing before being detected by Aisle’s autonomous analyzer. The issue h
@securityblvd
4 Dec 2025
76 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨 Mozilla Firefox [—] Dec 02, 2025 Product Security Advisory regarding CVE-2025-13016, a high-severity WebAssembly boundary condition vulnerability. Checkout our Threat Intelligence Platform: https://t.co/QuwNtEgYh1 https://t.co/QuwNtEgYh1 #LLM https://t.co/A3qzxYuzow
@transilienceai
2 Dec 2025
59 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️ Massive Firefox vulnerability! CVE-2025-13016 affects 180 MILLION users. Update your browser NOW to patch this critical flaw and stay safe! #FirefoxPatch #VulnerabilityAlert https://t.co/2jd0VmK0RP
@xcybersecnews
30 Nov 2025
42 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
FirefoxのWebAssembly実装に深刻な脆弱性(CVE-2025-13016) https://t.co/HYEqMzjNrL #セキュリティ対策Lab #セキュリティ #Security #サイバー攻撃
@securityLab_jp
28 Nov 2025
90 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
AI security firm AISLE revealed CVE-2025-13016, a critical Firefox Wasm bug that risked 180M users for six months. https://t.co/0pohKtgMmg
@blackwired32799
27 Nov 2025
46 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Update Firefox to Patch CVE-2025-13016 Vulnerability Affecting 180 Million Users – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More #TrustValleyCH https://t.co/77UG1baoiX
@TrustValleyCH
26 Nov 2025
147 Impressions
0 Retweets
4 Likes
1 Bookmark
0 Replies
0 Quotes
🚨 #Firefox alert - CVE-2025-13016 puts ~180 million users at risk. A memory-safety flaw in Firefox’s WebAssembly engine can allow remote code execution via malformed WebAssembly payloads. Affected: Firefox < 145, Firefox ESR < 140.5, plus some versions of Thunderbird
@MNovofastovsky
26 Nov 2025
54 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Update Firefox to Patch CVE-2025-13016 Vulnerability Affecting 180 Million Users https://t.co/zh3f7vaGAY
@Dinosn
25 Nov 2025
1248 Impressions
0 Retweets
4 Likes
4 Bookmarks
0 Replies
0 Quotes
We've found a high-severity zero-day vulnerability in Firefox using @WeAreAisle's autonomous AI security system. It's now going by the name of CVE-2025-13016. If you're interested, here's my detailed technical blog post: https://t.co/o13azuTBw0 https://t.co/Jv3WbkChRH
@stanislavfort
24 Nov 2025
8355 Impressions
24 Retweets
115 Likes
58 Bookmarks
4 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D77916A6-B8C6-475D-8D77-D5D3AA1E1F43",
"versionEndExcluding": "140.5.0"
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:-:*:*:*",
"vulnerable": true,
"matchCriteriaId": "445D5AED-0882-46FE-A5F1-B7148B923221",
"versionEndExcluding": "145.0"
}
],
"operator": "OR"
}
]
}
]