CVE-2025-11940 | LibreWolf up to 143.0.4-1 on Windows Installer assets/setup.nsi uncontrolled search path

A vulnerability was found in LibreWolf up to 143.0.4-1 on Windows and classified as problematic. This affects an unknown function of the file assets/setup.nsi of the component Installer. Such manipulation leads to uncontrolled search path.

This vulnerability is listed as CVE-2025-11940. The attack must be carried out locally. There is no available exploit.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More