Find real vulnerabilities before they ship
Vulnerability Database › CVE-2025-11716
Links in a sandboxed iframe could open an external app on Android without the required "allow-" permission. This vulnerability was fixed in Firefox 144 and Thunderbird 144.
Base Score