RockyLinux 10 : firefox (RLSA-2026:19160)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:19160 advisory. firefox: Other issue in the WebRTC component CVE-2026-8094 firefox: Memory safety bugs fixed in Firefox ESR 115.35.2, Firefox ESR 140.10.2 and Firefox...

Amazon Linux 2023 : firefox (ALAS2023-2026-1725)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1725 advisory. In libexpat before 2.8.1, the computational complexity of attribute name collision checks allows a denial of service via moderately sized crafted XML input. CVE-2026-45186 Use-after-free in th...

AlmaLinux 8 : firefox (ALSA-2026:20566)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2026:20566 advisory. firefox: Other issue in the WebRTC component CVE-2026-8094 firefox: Memory safety bugs fixed in Firefox ESR 115.35.2, Firefox ESR 140.10.2 and Firefox...

firefox: thunderbird: Use-after-free in the DOM: Networking component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the DOM: Networking component...

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: Other issue in the WebRTC component CVE-2026-8094 firefox: Memory safety bugs fixed in Firefox ESR 115.35.2, Firefox ESR 140.10.2 and Firefox 150.0.2...

Important: firefox

Issue Overview: In libexpat before 2.8.1, the computational complexity of attribute name collision checks allows a denial of service via moderately sized crafted XML input. CVE-2026-45186 Use-after-free in the DOM: Networking component. This vulnerability was fixed in Firefox 150.0.2, Firefox ESR...

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: Other issue in the WebRTC component CVE-2026-8094 firefox: Memory safety bugs fixed in Firefox ESR 115.35.2, Firefox ESR 140.10.2 and Firefox 150.0.2...

RHEL 9 : firefox (RHSA-2026:20574)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:20574 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...

ALSA-2026:20574 Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: Other issue in the WebRTC component CVE-2026-8094 firefox: Memory safety bugs fixed in Firefox ESR 115.35.2, Firefox ESR 140.10.2 and Firefox 150.0.2...

RHEL 8 : firefox (RHSA-2026:20566)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:20566 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...

Important: firefox

Issue Overview: In libexpat before 2.8.1, the computational complexity of attribute name collision checks allows a denial of service via moderately sized crafted XML input. CVE-2026-45186 Use-after-free in the DOM: Networking component. This vulnerability was fixed in Firefox 150.0.2, Firefox ESR...

SUSE CVE-2026-8948

Same-origin policy bypass in the DOM: Networking component. This vulnerability was fixed in Firefox 151 and Thunderbird 151...

Important: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

UBUNTU-CVE-2026-8948

Same-origin policy bypass in the DOM: Networking component. This vulnerability was fixed in Firefox 151 and Thunderbird 151...

CVE-2026-8948

Same-origin policy bypass in the DOM: Networking component. This vulnerability was fixed in Firefox 151 and Thunderbird 151...

CVE-2026-8948 Same-origin policy bypass in the DOM: Networking component

Same-origin policy bypass in the DOM: Networking component. This vulnerability was fixed in Firefox 151 and Thunderbird 151...

CVE-2026-8948

Same-origin policy bypass in the DOM: Networking component. This vulnerability was fixed in Firefox 151 and Thunderbird 151...

EUVD-2026-30900

Same-origin policy bypass in the DOM: Networking component. This vulnerability was fixed in Firefox 151 and Thunderbird 151...

CVE-2026-8948

CVE-2026-8948: A same-origin policy bypass in the DOM: Networking component affecting Firefox and Thunderbird; fixed in Firefox 151 and Thunderbird 151. CVSS 3.1: 9.1 (CRITICAL), attack vector NETWORK, complexity LOW, no user interaction. No exploitation details provided in the documents. Remedia...

Mozilla Firefox和Mozilla Thunderbird 安全漏洞

Mozilla Firefox and Mozilla Thunderbird are both products of the American Mozilla Foundation. Mozilla Firefox is an open-source web browser. Mozilla Thunderbird is an email client software that emerged independently from the Mozilla Application Suite. This software supports IMAP and POP email...