What is CVE-2025-10290?

CVE-2025-10290 is a vulnerability in Mozilla Focus For Ios. Published 2025-09-16.

Is CVE-2025-10290 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Mozilla Focus For Ios

CVE-2025-10290

Opening links via the contextual menu in Focus iOS for certain URL schemes would fail to load but would not refresh the toolbar correctly, allowing attackers to spoof websites if users were coerced into opening a link explicitly through a…

EPSS: 0.000 (13.7th percentile) — read the EPSS interpretation.

Affected products

Mozilla Focus For Ios — versions 143.0

Public proof-of-concept exploits

ARPSyndicate/cve-scores
fkie-cad/nvd-json-data-feeds

References

bugzilla.mozilla.org/show_bug.cgi
www.mozilla.org/security/advisories/mfsa2025-76/

Frequently asked questions

What is CVE-2025-10290?: CVE-2025-10290 is a vulnerability in Mozilla Focus For Ios. Published 2025-09-16.
Is CVE-2025-10290 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.