CVE-2025-8036: Vulnerability in Mozilla Firefox
Thunderbird cached CORS preflight responses across IP address changes. This allowed circumventing CORS with DNS rebinding. This vulnerability was fixed in Firefox 141, Firefox ESR 140.1, Thunderbird 141, and Thunderbird 140.1.
AI Analysis
Technical Summary
The vulnerability CVE-2025-8036 involves Firefox and Thunderbird caching CORS preflight responses across changes in IP addresses. This caching flaw allowed attackers to bypass CORS restrictions by leveraging DNS rebinding techniques. The issue was fixed in Firefox 141, Firefox ESR 140.1, Thunderbird 141, and Thunderbird 140.1. The CVSS 3.1 base score is 8.1 (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N), reflecting a network attack vector with low complexity, no privileges required, user interaction needed, unchanged scope, and high confidentiality and integrity impacts. The vendor advisory explicitly states the fix availability and does not indicate any ongoing mitigation requirements beyond updating.
Potential Impact
Successful exploitation of this vulnerability could allow an attacker to circumvent CORS protections, potentially leading to unauthorized access to sensitive cross-origin resources, impacting confidentiality and integrity of user data. There is no indication of availability impact. No known exploits have been reported in the wild at this time.
Mitigation Recommendations
An official fix is available and has been released in Firefox 141, Firefox ESR 140.1, Thunderbird 141, and Thunderbird 140.1. Users and administrators should update to these versions or later to remediate this vulnerability. No additional mitigation steps are required as per the vendor advisory.
CVE-2025-8036: Vulnerability in Mozilla Firefox
Description
Thunderbird cached CORS preflight responses across IP address changes. This allowed circumventing CORS with DNS rebinding. This vulnerability was fixed in Firefox 141, Firefox ESR 140.1, Thunderbird 141, and Thunderbird 140.1.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The vulnerability CVE-2025-8036 involves Firefox and Thunderbird caching CORS preflight responses across changes in IP addresses. This caching flaw allowed attackers to bypass CORS restrictions by leveraging DNS rebinding techniques. The issue was fixed in Firefox 141, Firefox ESR 140.1, Thunderbird 141, and Thunderbird 140.1. The CVSS 3.1 base score is 8.1 (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N), reflecting a network attack vector with low complexity, no privileges required, user interaction needed, unchanged scope, and high confidentiality and integrity impacts. The vendor advisory explicitly states the fix availability and does not indicate any ongoing mitigation requirements beyond updating.
Potential Impact
Successful exploitation of this vulnerability could allow an attacker to circumvent CORS protections, potentially leading to unauthorized access to sensitive cross-origin resources, impacting confidentiality and integrity of user data. There is no indication of availability impact. No known exploits have been reported in the wild at this time.
Mitigation Recommendations
An official fix is available and has been released in Firefox 141, Firefox ESR 140.1, Thunderbird 141, and Thunderbird 140.1. Users and administrators should update to these versions or later to remediate this vulnerability. No additional mitigation steps are required as per the vendor advisory.
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- mozilla
- Date Reserved
- 2025-07-22T10:14:02.586Z
- Cvss Version
- null
- State
- PUBLISHED
Threat ID: 687ffd50a915ff00f7fb59a7
Added to database: 7/22/2025, 9:06:24 PM
Last enriched: 4/14/2026, 11:54:04 AM
Last updated: 5/9/2026, 10:39:16 AM
Views: 166
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.