System	Score	Found at
epss	0.00017	https://api.first.org/data/v1/epss?cve=CVE-2025-4920
cvssv3.1	8.8	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
generic_textual	critical	https://www.mozilla.org/en-US/security/advisories/mfsa2025-36
generic_textual	critical	https://www.mozilla.org/en-US/security/advisories/mfsa2025-37

Reference id	Reference type	URL
		https://api.first.org/data/v1/epss?cve=CVE-2025-4920
		https://bugzilla.mozilla.org/show_bug.cgi?id=1966612
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4920
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
		https://www.mozilla.org/security/advisories/mfsa2025-36/
		https://www.mozilla.org/security/advisories/mfsa2025-37/
CVE-2025-4920		https://nvd.nist.gov/vuln/detail/CVE-2025-4920
mfsa2025-36		https://www.mozilla.org/en-US/security/advisories/mfsa2025-36
mfsa2025-37		https://www.mozilla.org/en-US/security/advisories/mfsa2025-37

No exploits are available.

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Percentile	0.02539
EPSS Score	0.00017
Published At	May 18, 2025, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2025-05-18T13:19:08.558144+00:00	Mozilla Importer	Import	https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2025/mfsa2025-37.yml	36.0.0