What is CVE-2025-10859?

CVE-2025-10859 is a vulnerability in Mozilla Firefox For Ios. Published 2025-09-30.

Is CVE-2025-10859 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Mozilla Firefox For Ios

CVE-2025-10859

Cookie storage for non-HTML temporary documents was being shared incorrectly with normal browsing content, allowing information from private tabs to escape Incognito mode even after the user closed all tabs. This vulnerability was fixed in…

EPSS: 0.000 (4.4th percentile) — read the EPSS interpretation.

Affected products

Mozilla Firefox For Ios — versions 143.1

Public proof-of-concept exploits

ARPSyndicate/cve-scores

References

bugzilla.mozilla.org/show_bug.cgi
www.mozilla.org/security/advisories/mfsa2025-79/

Frequently asked questions

What is CVE-2025-10859?: CVE-2025-10859 is a vulnerability in Mozilla Firefox For Ios. Published 2025-09-30.
Is CVE-2025-10859 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.