CVE-2025-8039: Vulnerability in Mozilla Firefox
In some cases search terms persisted in the URL bar even after navigating away from the search page. This vulnerability was fixed in Firefox 141, Firefox ESR 140.1, Thunderbird 141, and Thunderbird 140.1.
AI Analysis
Technical Summary
This vulnerability involves the persistence of search terms in the Firefox URL bar after the user navigates away from the search page, potentially exposing search data unintentionally. It is identified as CVE-2025-8039 and was fixed in Firefox 141 and Firefox ESR 140.1 along with corresponding Thunderbird versions. The issue is categorized under CWE-200 (Information Exposure). Although the CVSS score is high (8.1), Mozilla rates the impact as low and has released an official fix in the stated versions.
Potential Impact
The vulnerability could lead to unintended exposure of search terms in the URL bar, which may reveal user search activity. However, Mozilla classifies the impact as low, indicating limited risk or exploitation potential. There are no reports of active exploitation in the wild for this vulnerability.
Mitigation Recommendations
An official fix is available and has been released in Firefox 141, Firefox ESR 140.1, Thunderbird 141, and Thunderbird 140.1. Users and administrators should update to these or later versions to remediate this vulnerability. Since the vendor advisory confirms the fix, no additional mitigation steps are necessary.
CVE-2025-8039: Vulnerability in Mozilla Firefox
Description
In some cases search terms persisted in the URL bar even after navigating away from the search page. This vulnerability was fixed in Firefox 141, Firefox ESR 140.1, Thunderbird 141, and Thunderbird 140.1.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This vulnerability involves the persistence of search terms in the Firefox URL bar after the user navigates away from the search page, potentially exposing search data unintentionally. It is identified as CVE-2025-8039 and was fixed in Firefox 141 and Firefox ESR 140.1 along with corresponding Thunderbird versions. The issue is categorized under CWE-200 (Information Exposure). Although the CVSS score is high (8.1), Mozilla rates the impact as low and has released an official fix in the stated versions.
Potential Impact
The vulnerability could lead to unintended exposure of search terms in the URL bar, which may reveal user search activity. However, Mozilla classifies the impact as low, indicating limited risk or exploitation potential. There are no reports of active exploitation in the wild for this vulnerability.
Mitigation Recommendations
An official fix is available and has been released in Firefox 141, Firefox ESR 140.1, Thunderbird 141, and Thunderbird 140.1. Users and administrators should update to these or later versions to remediate this vulnerability. Since the vendor advisory confirms the fix, no additional mitigation steps are necessary.
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- mozilla
- Date Reserved
- 2025-07-22T10:14:08.352Z
- Cvss Version
- null
- State
- PUBLISHED
Threat ID: 687ffd51a915ff00f7fb59c6
Added to database: 7/22/2025, 9:06:25 PM
Last enriched: 4/14/2026, 11:54:26 AM
Last updated: 5/9/2026, 4:06:08 AM
Views: 146
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.