CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2 days ago•10 views

CVE-2026-12294

Sandbox escape in the DOM: Workers component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12...

0.00156EPSS

Cvelist•added 2 days ago•21 views

CVE-2026-12294 Sandbox escape in the DOM: Workers component

Sandbox escape in the DOM: Workers component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12...

0.00156EPSS

EUVD•added 2 days ago•4 views

EUVD-2026-37085

Sandbox escape in the DOM: Workers component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12...

5.2AI score0.00156EPSS

CVE•added 2 days ago•9 views

CVE-2026-12294

CVE-2026-12294 describes a sandbox escape in the DOM: Workers component. Affected product: Firefox browser and ESR branches. Root cause and impact details are not elaborated in the provided documents beyond the vulnerability class. Remediation: the issue was fixed in Firefox 152, Firefox ESR 140....

5.2AI score0.00156EPSS

Tenable Nessus•added 2 days ago•5 views

Mozilla Firefox ESR < 115.37

The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 115.37. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-59 advisory. - Memory safety bugs present in Firefox ESR 115.36, Firefox ESR 140.11, Thunderbird ESR 140.11, Firefox 1...

8.8CVSS6AI score0.00316EPSS

Exploits0References12

Tenable Nessus•added 2026/06/08 12:0 a.m.•6 views

Amazon Linux 2 : firefox, --advisory ALAS2FIREFOX-2026-061 (ALASFIREFOX-2026-061)

The version of firefox installed on the remote host is prior to 140.11.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2FIREFOX-2026-061 advisory. Three inter-frame chunk discard paths in the push-mode APNG parser clear the chunk-header flag without consuming...

RedHat Linux•added 2026/06/03 1:1 a.m.•7 views

Exploits0References34

firefox: thunderbird: Privilege escalation in the DOM: Workers component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Privilege escalation in the DOM: Workers component...

8.8CVSS5.7AI score0.00386EPSS

Mageia•added 2026/05/29 5:12 a.m.•12 views

Updated thunderbird(-l10n) packages fix security vulnerabilities

The updated packages fix security vulnerabilities: Incorrect boundary conditions in the Audio/Video: Web Codecs component. CVE-2026-8946 Incorrect boundary conditions in the JavaScript Engine: JIT component. CVE-2026-8388 Use-after-free in the DOM: Bindings WebIDL component. CVE-2026-8947 Other...

Tenable Nessus•added 2026/05/29 12:0 a.m.•11 views

Exploits0References3

AlmaLinux 8 : firefox (ALSA-2026:21382)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2026:21382 advisory. firefox: Incorrect boundary conditions in the JavaScript Engine: JIT component CVE-2026-8388 firefox: Other issue in the JavaScript Engine component...

RedHat Linux•added 2026/05/27 4:18 p.m.•10 views

Exploits0References20

Important: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

AlmaLinux•added 2026/05/27 12:0 a.m.•8 views

Exploits0References19

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: Incorrect boundary conditions in the JavaScript Engine: JIT component CVE-2026-8388 firefox: Other issue in the JavaScript Engine component CVE-2026-8391 firefo...

OSV•added 2026/05/27 12:0 a.m.•8 views

Exploits0References38

ALSA-2026:21378 Important: firefox security update

SUSE CVE•added 2026/05/20 2:32 a.m.•10 views

Exploits0References38

SUSE CVE-2026-8955

Privilege escalation in the DOM: Workers component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11...

6.3CVSS5.8AI score0.00386EPSS

Exploits0References12

NVD•added 2026/05/19 2:16 p.m.•9 views

CVE-2026-8955

Privilege escalation in the DOM: Workers component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11...

8.8CVSS0.00386EPSS

Exploits0References5

UbuntuCve•added 2026/05/19 2:16 p.m.•7 views

CVE-2026-8955

Privilege escalation in the DOM: Workers component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11...

OSV•added 2026/05/19 2:16 p.m.•4 views

Exploits0References9

UBUNTU-CVE-2026-8955

Privilege escalation in the DOM: Workers component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11...

CVE•added 2026/05/19 12:29 p.m.•11 views

Exploits0References10

CVE-2026-8955

CVE-2026-8955 describes a privilege-escalation flaw in the DOM: Workers component. The vulnerability is fixed in Firefox 151 and Firefox ESR 140.11, as well as Thunderbird 151 and Thunderbird 140.11. The core issue is in the Workers implementation of the DOM, leading to elevated permissions. Per ...

Exploits0References5Affected Software2

AlpineLinux•added 2026/05/19 12:29 p.m.•9 views

CVE-2026-8955

Privilege escalation in the DOM: Workers component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11...