CVE-2025-11153
Description
JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 143.0.3.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A JIT miscompilation in Firefox's JavaScript Engine could allow arbitrary code execution; fixed in Firefox 143.0.3.
CVE-2025-11153 is a JIT miscompilation vulnerability in the JavaScript Engine: JIT component of Firefox. The bug, reported by Nan Wang, causes the JIT compiler to generate incorrect machine code under specific conditions, potentially leading to memory corruption [1].
Exploitation requires an attacker to craft JavaScript that triggers the miscompilation. No authentication is needed; the victim simply visits a malicious webpage, making this a client-side attack vector.
Successful exploitation could allow an attacker to execute arbitrary code in the context of the browser, potentially leading to system compromise. The vulnerability is rated high severity with a CVSS v3 score of 7.5.
Mozilla addressed this issue in Firefox 143.0.3. Users are strongly advised to update to the latest version to mitigate the risk.
AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*range: <143.0.3
- (no CPE)range: <143.0.3
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- www.mozilla.org/security/advisories/mfsa2025-80/nvdVendor Advisory
- bugzilla.mozilla.org/show_bug.cginvdIssue TrackingPermissions Required
News mentions
0No linked articles in our index yet.