Components
Vulnerabilities
Pricing
MCP
Docs
Sign up
Login
Find vulnerabilities. Fix fast with AI.
Search components by package, version, or CVE to get started.
Ecosystem
Package
Version
Vulnerabilities
CVE-2025-14744
CVE-2025-14744
Unicode RTLO characters could allow malicious websites to spoof filenames in the downloads UI for Firefox for iOS, potentially tricking users into saving files of an unexpected file type. This vulnerability affects Firefox for iOS < 144.0.
Published Dec 19, 2025
https://www.mozilla.org/security/advisories/mfsa2025-97/
CVSS Score
Medium
6.5
Components Impacted
Components Impacted
Security Details
Security Details
Sonatype Research
Sonatype Research
Ecosystem
Package
Version
Ecosystem
Package
Version
npm
firefox-ios
0.0.1-security
npm
firefox-ios
1.1.0
swift
github.com/mozilla-mobile/firefox-ios
143.0.20250722050353
1-3 of 3
CVE-2025-14744 | Components Impacted | Sonatype Guide | Sonatype Guide
