9803 matches found
EUVD-2026-30905
Privilege escalation in the DOM: Workers component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11...
CVE-2026-8955
CVE-2026-8955 describes a privilege-escalation flaw in the DOM: Workers component. The vulnerability is fixed in Firefox 151 and Firefox ESR 140.11, as well as Thunderbird 151 and Thunderbird 140.11. The core issue is in the Workers implementation of the DOM, leading to elevated permissions. Per ...
CVE-2026-8955 Privilege escalation in the DOM: Workers component
Privilege escalation in the DOM: Workers component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11...
CVE-2026-8955
Privilege escalation in the DOM: Workers component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11...
CVE-2026-8948
Same-origin policy bypass in the DOM: Networking component. This vulnerability was fixed in Firefox 151 and Thunderbird 151...
CVE-2026-8948 Same-origin policy bypass in the DOM: Networking component
Same-origin policy bypass in the DOM: Networking component. This vulnerability was fixed in Firefox 151 and Thunderbird 151...
EUVD-2026-30900
Same-origin policy bypass in the DOM: Networking component. This vulnerability was fixed in Firefox 151 and Thunderbird 151...
CVE-2026-8948
CVE-2026-8948: A same-origin policy bypass in the DOM: Networking component affecting Firefox and Thunderbird; fixed in Firefox 151 and Thunderbird 151. CVSS 3.1: 9.1 (CRITICAL), attack vector NETWORK, complexity LOW, no user interaction. No exploitation details provided in the documents. Remedia...
CVE-2026-8947
Use-after-free in the DOM: Bindings WebIDL component. This vulnerability was fixed in Firefox 151, Firefox ESR 115.36, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11...
CVE-2026-8947
Use-after-free in the DOM: Bindings WebIDL component. This vulnerability was fixed in Firefox 151, Firefox ESR 115.36, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11...
CVE-2026-8947 Use-after-free in the DOM: Bindings (WebIDL) component
Use-after-free in the DOM: Bindings WebIDL component. This vulnerability was fixed in Firefox 151, Firefox ESR 115.36, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11...
CVE-2026-8947
CVE-2026-8947 describes a use-after-free in the DOM: Bindings (WebIDL) component of Firefox. The available sources confirm the issue and state it was fixed in Firefox 151, Firefox ESR 115.36, and Firefox ESR 140.11. The documents do not provide exploit details, affected subcomponents beyond the W...
EUVD-2026-30896
Use-after-free in the DOM: Bindings WebIDL component. This vulnerability was fixed in Firefox 151, Firefox ESR 115.36, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11...
CVE-2026-8947 Use-after-free in the DOM: Bindings (WebIDL) component
Use-after-free in the DOM: Bindings WebIDL component. This vulnerability was fixed in Firefox 151, Firefox ESR 115.36, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11...
Mozilla Firefox和Mozilla Thunderbird 安全漏洞
Mozilla Firefox and Mozilla Thunderbird are both products of the American Mozilla Foundation. Mozilla Firefox is an open-source web browser. Mozilla Thunderbird is an email client software that emerged independently from the Mozilla Application Suite. This software supports IMAP and POP email...
Mozilla多款产品 安全漏洞
Mozilla Firefox, among others, are products of the American Mozilla Foundation. Mozilla Firefox is an open-source web browser. Mozilla Firefox ESR is a extended support version of Firefox the web browser. Mozilla Thunderbird is an email client software that emerged independently from the Mozilla...
Mozilla Firefox和Mozilla Thunderbird 安全漏洞
Mozilla Firefox and Mozilla Thunderbird are both products of the American Mozilla Foundation. Mozilla Firefox is an open-source web browser. Mozilla Thunderbird is an email client software that emerged independently from the Mozilla Application Suite. This software supports IMAP and POP email...
PT-2026-41902
Name of the Vulnerable Software and Affected Versions Firefox versions prior to 151 Thunderbird versions prior to 151 Description A same-origin policy bypass exists in the DOM: Networking component. The same-origin policy is a critical security mechanism that restricts how a document or script...
Mozilla多款产品 资源管理错误漏洞
Mozilla Firefox, among others, are products of the American Mozilla Foundation. Mozilla Firefox is an open-source web browser. Mozilla Firefox ESR is a extended support version of Firefox the web browser. Mozilla Thunderbird is an email client software that emerged independently from the Mozilla...
MAL-2026-3873 Malicious code in @antv/dom-util (npm)
Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...