CVE-2025-11719: thunderbird: firefox: Use-after-free caused by the native messaging web extension API on Windows

Severity: Critical

CVSS Score: 9.8

Starting in Thunderbird 143, the use of the native messaging API by web extensions on Windows could lead to crashes caused by use-after-free memory corruption. This vulnerability was fixed in Firefox 144 and Thunderbird 144.