CVE-2025-4918: firefox: thunderbird: Out-of-bounds access when resolving Promise objects

Severity: Critical

CVSS Score: 9.8

An attacker was able to perform an out-of-bounds read or write on a JavaScript `Promise` object. This vulnerability was fixed in Firefox 138.0.4, Firefox ESR 128.10.1, Firefox ESR 115.23.1, Thunderbird 128.10.2, and Thunderbird 138.0.2.