CVE-2025-1018

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Feb 4, 2025

Updated: Feb 6, 2025

CWE ID 1021

Summary

CVE-2025-1018 is a vulnerability affecting Firefox version 134 and older, as well as Thunderbird version 134 and below. The issue lies in the fullscreen notification feature, which can be prematurely hidden if the user quickly requests fullscreen mode again. This quirk could potentially be exploited for spoofing attacks, allowing malicious actors to display misleading notifications to unsuspecting users.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/2dwEc_
https://www.cve.org/CVERecord?id=CVE-2025-1018
https://nvd.nist.gov/vuln/detail/CVE-2025-1018

Back to Vulnerability Database

CVE-2025-1018

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations