What is CVE-2025-27424?

CVE-2025-27424 is a vulnerability in Mozilla Firefox For Ios. Published 2025-03-04.

Is CVE-2025-27424 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Mozilla Firefox For Ios

CVE-2025-27424

Websites redirecting to a non-HTTP scheme URL could allow a website address to be spoofed for a malicious page. This vulnerability was fixed in Firefox for iOS 136.

EPSS: 0.003 (56.9th percentile) — read the EPSS interpretation.

Affected products

Mozilla Firefox For Ios — versions 136

Public proof-of-concept exploits

RenwaX23/Address_
fkie-cad/nvd-json-data-feeds

References

bugzilla.mozilla.org/show_bug.cgi
www.mozilla.org/security/advisories/mfsa2025-13/

Frequently asked questions

What is CVE-2025-27424?: CVE-2025-27424 is a vulnerability in Mozilla Firefox For Ios. Published 2025-03-04.
Is CVE-2025-27424 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.