{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-21T13:53:16.838","vulnerabilities":[{"cve":{"id":"CVE-2025-6435","sourceIdentifier":"security@mozilla.org","published":"2025-06-24T13:15:24.560","lastModified":"2026-04-13T15:17:08.143","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"If a user saved a response from the Network tab in Devtools using the Save As context menu option, that file may not have been saved with the `.download` file extension. This could have led to the user inadvertently running a malicious executable. This vulnerability was fixed in Firefox 140 and Thunderbird 140."},{"lang":"es","value":"Si un usuario guardó una respuesta desde la pestaña Red en DevTools mediante la opción Guardar como del menú contextual, es posible que el archivo no se haya guardado con la extensión `.download`. Esto podría haber provocado que el usuario ejecutara accidentalmente un archivo malicioso. Esta vulnerabilidad afecta a Firefox anterior a la versión 140."}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":5.9}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-434"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","versionEndExcluding":"140.0","matchCriteriaId":"6BD96DBF-567C-4E36-844D-B25A4E22CE40"},{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","versionEndExcluding":"140.0","matchCriteriaId":"EE6112E1-F482-4916-BA5E-68868793540F"}]}]}],"references":[{"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1950056","source":"security@mozilla.org","tags":["Permissions Required"]},{"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1961777","source":"security@mozilla.org","tags":["Permissions Required"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2025-51/","source":"security@mozilla.org","tags":["Vendor Advisory"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2025-54/","source":"security@mozilla.org","tags":["Vendor Advisory"]}]}}]}