VYPR
Medium severity5.7NVD Advisory· Published Apr 29, 2025· Updated Apr 13, 2026

CVE-2025-4084

CVE-2025-4084

Description

Due to insufficient escaping of the special characters in the "copy as cURL" feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system. *This bug only affects Firefox for Windows. Other versions of Firefox are unaffected.*. This vulnerability was fixed in Firefox ESR 128.10, Firefox ESR 115.23, and Thunderbird 128.10.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

36

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.