CVE-2025-8027
Published: 22 July 2025
Summary
CVE-2025-8027 is a medium-severity Use of Uninitialized Variable (CWE-457) vulnerability in Mozilla Firefox. Its CVSS base score is 6.5 (Medium).
Operationally, it is ranked in the top 34.1% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-22372
Vulnerability details
On 64-bit platforms, IonMonkey-JIT only wrote 32 bits of the 64-bit return value space on the stack. Baseline-JIT, however, read the entire 64 bits. This vulnerability was fixed in Firefox 141, Firefox ESR 115.26, Firefox ESR 128.13, Firefox ESR 140.1, Thunderbird 141, Thunderbird 128.13, and Thunderbird 140.1.
- CWE(s): CWE-457 (Use of Uninitialized Variable)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.