CVE-2025-10536 is a vulnerability identified in the Networking: Cache component of Mozilla Firefox and Thunderbird, affecting Firefox versions earlier than 143 and ESR versions earlier than 140.3, as well as corresponding Thunderbird versions. The vulnerability is categorized under CWE-200, indicating an information disclosure weakness. Specifically, it allows unauthorized local attackers to access sensitive information stored in the browser's or email client's cache. The attack vector is local (AV:L), meaning the attacker must have local system access, but no privileges (PR:N) or user interaction (UI:N) are required to exploit it. The vulnerability does not affect the integrity or availability of the system but has a high impact on confidentiality, as sensitive cached data could be exposed. The CVSS v3.1 base score is 6.2, reflecting medium severity. No patches or exploit code are currently publicly available, and no known exploits in the wild have been reported. The vulnerability was published on September 16, 2025, and is assigned by Mozilla. The lack of user interaction and privileges required suggests that once an attacker gains local access, they can exploit this flaw to extract sensitive cached data, potentially including browsing history, cookies, or other cached web content. This could lead to privacy violations or further targeted attacks if sensitive information is leaked. The vulnerability affects multiple platforms where Firefox and Thunderbird are used, including Windows, Linux, and macOS.

For European organizations, the primary impact of CVE-2025-10536 is the potential unauthorized disclosure of sensitive cached data within Firefox and Thunderbird applications. This could compromise user privacy and expose confidential information such as session tokens, browsing history, or cached credentials. Organizations with shared workstations, multi-user environments, or insufficient endpoint security controls are at higher risk. The vulnerability does not allow remote exploitation, limiting the attack surface to insiders or attackers with local access. However, in environments such as public terminals, corporate offices, or government agencies where multiple users share devices, the risk of data leakage is significant. The compromise of cached data could facilitate further attacks, including social engineering or credential theft. Given the widespread use of Firefox and Thunderbird in Europe, especially in public sector, education, and enterprises valuing open-source software, the impact could be notable if unpatched. The absence of known exploits reduces immediate risk but does not eliminate the threat, especially as attackers may develop exploits over time.

Organizations should prioritize updating Firefox and Thunderbird to versions 143 and ESR 140.3 or later as soon as patches become available from Mozilla. Until patches are applied, restrict local access to systems running vulnerable versions by enforcing strict physical and logical access controls. Implement endpoint security solutions that monitor and restrict unauthorized local activities, including access to application cache directories. Educate users about the risks of using shared or public workstations for sensitive activities involving Firefox or Thunderbird. Consider deploying application sandboxing or containerization to isolate browser and email client data. Regularly audit systems for outdated software versions and enforce automated patch management policies. Additionally, monitor security advisories from Mozilla for any updates or exploit disclosures related to this vulnerability. For high-security environments, consider disabling caching features temporarily if feasible, or use hardened configurations that limit cache data exposure.