This vulnerability affects Firefox < 143 and Thunderbird < 143.

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

  - This vulnerability affects Firefox < 143 and Thunderbird < 143. (CVE-2025-10534)

Note that Nessus relies on the presence of the package as reported by the vendor.

The version of Firefox installed on the remote macOS or Mac OS X host is prior to 143.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-73 advisory.

  - Memory safety bugs present in Firefox ESR 140.2, Thunderbird ESR 140.2, Firefox 142 and Thunderbird 142.
    Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of     these could have been exploited to run arbitrary code. (CVE-2025-10537)

  - This vulnerability affects Firefox < 143, Firefox ESR < 140.3, Thunderbird < 143, and Thunderbird < 140.3.
    (CVE-2025-10527, CVE-2025-10528, CVE-2025-10529, CVE-2025-10532, CVE-2025-10536)

  - This vulnerability affects Firefox < 143 and Thunderbird < 143. (CVE-2025-10530, CVE-2025-10531,     CVE-2025-10534)

  - This vulnerability affects Firefox < 143, Firefox ESR < 115.28, Firefox ESR < 140.3, Thunderbird < 143,     and Thunderbird < 140.3. (CVE-2025-10533)

  - This vulnerability affects Firefox < 143. (CVE-2025-10535)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of Firefox installed on the remote Windows host is prior to 143.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-73 advisory.

  - Memory safety bugs present in Firefox ESR 140.2, Thunderbird ESR 140.2, Firefox 142 and Thunderbird 142.
    Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of     these could have been exploited to run arbitrary code. (CVE-2025-10537)

  - This vulnerability affects Firefox < 143, Firefox ESR < 140.3, Thunderbird < 143, and Thunderbird < 140.3.
    (CVE-2025-10527, CVE-2025-10528, CVE-2025-10529, CVE-2025-10532, CVE-2025-10536)

  - This vulnerability affects Firefox < 143 and Thunderbird < 143. (CVE-2025-10530, CVE-2025-10531,     CVE-2025-10534)

  - This vulnerability affects Firefox < 143, Firefox ESR < 115.28, Firefox ESR < 140.3, Thunderbird < 143,     and Thunderbird < 140.3. (CVE-2025-10533)

  - This vulnerability affects Firefox < 143. (CVE-2025-10535)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of Thunderbird installed on the remote Windows host is prior to 143.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-77 advisory.

  - Memory safety bugs present in Firefox ESR 140.2, Thunderbird ESR 140.2, Firefox 142 and Thunderbird 142.
    Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of     these could have been exploited to run arbitrary code. (CVE-2025-10537)

  - This vulnerability affects Firefox < 143, Firefox ESR < 140.3, Thunderbird < 143, and Thunderbird < 140.3.
    (CVE-2025-10527, CVE-2025-10528, CVE-2025-10529, CVE-2025-10532, CVE-2025-10536)

  - This vulnerability affects Firefox < 143 and Thunderbird < 143. (CVE-2025-10530, CVE-2025-10531,     CVE-2025-10534)

  - This vulnerability affects Firefox < 143, Firefox ESR < 115.28, Firefox ESR < 140.3, Thunderbird < 143,     and Thunderbird < 140.3. (CVE-2025-10533)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 143.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-77 advisory.

  - Memory safety bugs present in Firefox ESR 140.2, Thunderbird ESR 140.2, Firefox 142 and Thunderbird 142.
    Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of     these could have been exploited to run arbitrary code. (CVE-2025-10537)

  - This vulnerability affects Firefox < 143, Firefox ESR < 140.3, Thunderbird < 143, and Thunderbird < 140.3.
    (CVE-2025-10527, CVE-2025-10528, CVE-2025-10529, CVE-2025-10532, CVE-2025-10536)

  - This vulnerability affects Firefox < 143 and Thunderbird < 143. (CVE-2025-10530, CVE-2025-10531,     CVE-2025-10534)

  - This vulnerability affects Firefox < 143, Firefox ESR < 115.28, Firefox ESR < 140.3, Thunderbird < 143,     and Thunderbird < 140.3. (CVE-2025-10533)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-100ae879e3 advisory.

    - New upstream release (143.0)

Tenable has extracted the preceding description block directly from the Fedora security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-4dca10ca2c advisory.

    - New upstream release (143.0)

Tenable has extracted the preceding description block directly from the Fedora security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
265642	Linux Distros Unpatched Vulnerability : CVE-2025-10534	Nessus	Misc.	high
265450	Mozilla Firefox < 143.0	Nessus	MacOS X Local Security Checks	high
265449	Mozilla Firefox < 143.0	Nessus	Windows	high
265448	Mozilla Thunderbird < 143.0	Nessus	Windows	high
265447	Mozilla Thunderbird < 143.0	Nessus	MacOS X Local Security Checks	high
265386	Fedora 41 : firefox (2025-100ae879e3)	Nessus	Fedora Local Security Checks	high
265310	Fedora 42 : firefox (2025-4dca10ca2c)	Nessus	Fedora Local Security Checks	high

Detections

Analytics

CVE-2025-10534

high

Tenable Plugins

high

high

high

high

high

high

high