CVE-2025-9181

CVE-2025-9181: Uninitialized memory in the JavaScript Engine component

Published August 19, 2025
Last update April 13, 2026
View on NVD All CVEs

CVSS base score

What the vulnerability does

Description

Uninitialized memory in the JavaScript Engine component. This vulnerability was fixed in Firefox 142, Firefox ESR 128.14, Firefox ESR 140.2, Thunderbird 142, Thunderbird 128.14, and Thunderbird 140.2.

Key dates

Disclosure timeline

August 19, 2025 CVE published
April 13, 2026 Record updated