CVEs-PoC/2025/CVE-2025-6435.md

CVE-2025-6435

Description

If a user saved a response from the Network tab in Devtools using the Save As context menu option, that file may not have been saved with the .download file extension. This could have led to the user inadvertently running a malicious executable. This vulnerability affects Firefox < 140 and Thunderbird < 140.

POC

Reference

• https://bugzilla.mozilla.org/show_bug.cgi?id=1950056

Github

No PoCs found on GitHub currently.