๐Ÿ” CVE Alert

CVE-2025-54143

CRITICAL 9.8

Sandboxed iframes could allow local downloads despite sandbox restrictions

CVSS Score
9.8
EPSS Score
0.0%
EPSS Percentile
0th

Sandboxed iframes on webpages could potentially allow downloads to the device, bypassing the expected sandbox restrictions declared on the parent page. This vulnerability was fixed in Firefox for iOS 141.

Vendor mozilla
Product firefox for ios
Ecosystems
Industries
Technology
Published Aug 19, 2025
Last Updated Apr 13, 2026
Stay Ahead of the Next One

Get instant alerts for mozilla firefox for ios

Be the first to know when new critical vulnerabilities affecting mozilla firefox for ios are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

Affected Versions

Mozilla / Firefox for iOS
All versions affected

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
bugzilla.mozilla.org: https://bugzilla.mozilla.org/show_bug.cgi?id=1912671 mozilla.org: https://www.mozilla.org/security/advisories/mfsa2025-60/

Credits

Narendra Bhati