EUVD-2026-8452

Use-after-free in the DOM: Core & HTML component. This vulnerability affects Firefox 148...

CVE-2026-2799

Use-after-free in the DOM: Core & HTML component. This vulnerability affects Firefox 148 and Thunderbird 148...

CVE-2026-2799

CVE-2026-2799 is a use-after-free vulnerability in the DOM: Core & HTML components of Mozilla Firefox and Thunderbird. The issue, identified across multiple advisories, is resolved in Firefox 148 and Thunderbird 148. Public exploit activity is noted in connected sources. Affected products include...

CVE-2026-2787

CVE-2026-2787 is a use-after-free in the DOM: Window and Location component, with fixes in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8. Connected sources corroborate the issue in Firefox-related components and list the affected products as Firefox/Th...

EUVD-2026-8505

Mitigation bypass in the DOM: Security component. This vulnerability affects Firefox 148 and Firefox ESR 140.8...

CVE-2026-2778

Sandbox escape due to incorrect boundary conditions in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

CVE-2026-2778

CVE-2026-2778: Sandbox escape due to incorrect boundary conditions in the DOM: Core & HTML component. Affected: Firefox (pre-148), Firefox ESR (pre-115.33/140.8); Thunderbird (pre-148, pre-140.8). Fixes: Firefox 148, ESR 115.33/140.8; Thunderbird 148/140.8. Practical impact: sandbox escape potent...

CVE-2026-2775 Mitigation bypass in the DOM: HTML Parser component

Mitigation bypass in the DOM: HTML Parser component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

CVE-2026-2771

CVE-2026-2771 is an undefined-behavior vulnerability in the DOM: Core & HTML component of Mozilla Firefox/Thunderbird family that was fixed in Firefox 148, Firefox ESR 115.33 and 140.8, Thunderbird 148 and 140.8. The issue is reported across multiple advisories (Astra Linux bulletin and Amazon Li...

CVE-2026-2770 Use-after-free in the DOM: Bindings (WebIDL) component

Use-after-free in the DOM: Bindings WebIDL component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

CVE-2026-2770

CVE-2026-2770 is a use-after-free in the DOM: Bindings (WebIDL) component. Affected products include Firefox (fixed in Firefox 148 and Firefox ESR 115.33/140.8) and Thunderbird (fixed in 148 and 140.8). The connected advisories confirm the same flaw and fix versions; no exploitation details are p...

Mozilla Firefox和Mozilla Thunderbird 安全漏洞

Mozilla Firefox and Mozilla Thunderbird are both products of the American Mozilla Foundation. Mozilla Firefox is an open-source web browser. Mozilla Thunderbird is an email client software that emerged independently from the Mozilla Application Suite. This software supports IMAP and POP email...

Mozilla Thunderbird < 148.0

The version of Thunderbird installed on the remote Windows host is prior to 148.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-16 advisory. - Memory safety bugs present in Firefox 147 and Thunderbird 147. Some of these bugs showed evidence of memory...

PT-2026-21738

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 148 Thunderbird versions prior to 148 Description The software contains an invalid pointer issue within the DOM Core and HTML components. This condition may lead to unexpected behavior or crashes. Recommendations Upda...

Mozilla Firefox和Mozilla Thunderbird 安全漏洞

Mozilla Firefox and Mozilla Thunderbird are both products of the American Mozilla Foundation. Mozilla Firefox is an open-source web browser. Mozilla Thunderbird is an email client software that emerged independently from the Mozilla Application Suite. This software supports IMAP and POP email...

PT-2026-21731

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 148 Thunderbird versions prior to 148 Description A use-after-free condition exists in the DOM Core and HTML components. This issue could allow for unexpected behavior or potential compromise. Recommendations Update...

Mozilla多款产品 安全漏洞

Mozilla Firefox, among others, are products of the American Mozilla Foundation. Mozilla Firefox is an open-source web browser. Mozilla Firefox ESR is a extended support version of Firefox the web browser. Mozilla Thunderbird is an email client software that emerged independently from the Mozilla...

Mozilla多款产品 安全漏洞

Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A security bypass vulnerability exists in several Mozilla products that...

Mozilla -- Undefined behavior in the DOM: Core & HTML component

https://bugzilla.mozilla.org/showbug.cgi?id=2014593 reports: Undefined behavior in the DOM: Core & HTML component...

CVE-2025-69367

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in GT3themes Oyster - Photography WordPress Theme oyster allows DOM-Based XSS.This issue affects Oyster - Photography WordPress Theme: from n/a through = 4.4.3...