CVE-2025-8039: 
NixOS vulnerability analysis and mitigation

CVE-2025-8039 is a security vulnerability discovered in Mozilla products where search terms persisted in the URL bar even after navigating away from the search page. The vulnerability was disclosed on July 22, 2025, and affects multiple Mozilla products including Firefox versions before 141.0, Firefox ESR versions before 140.1, Thunderbird versions before 141.0, and Thunderbird ESR versions before 140.1 (Mozilla Advisory).

The vulnerability is classified as an information exposure issue (CWE-200) with a CVSS v3.1 base score of 8.1 HIGH (Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N). The technical nature of the vulnerability involves the persistence of search terms in the URL bar after navigation, potentially exposing sensitive search information to unauthorized actors (NVD).

The vulnerability has been assessed with a low impact rating by Mozilla, though the CVSS score suggests potentially higher severity in certain contexts. The primary security concern is the exposure of sensitive information through search terms remaining visible in the URL bar after the user has navigated away from the search page (Mozilla Advisory).

Mozilla has addressed this vulnerability in Firefox 141.0, Firefox ESR 140.1, Thunderbird 141.0, and Thunderbird ESR 140.1. Users are advised to update their installations to these or later versions to mitigate the risk (Mozilla Advisory).