CVE-2026-2758

Use-after-free in the JavaScript: GC component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

CVE-2026-26464

Stored Cross-Site Scripting XSS was found in the /admin/edituser.php page of Society Management System Portal V1.0, which allows remote attackers to inject and store arbitrary JavaScript code that is executed in users' browsers. This vulnerability can be exploited via the name parameter in a POST...

CVE-2026-3050

A flaw has been found in horilla-opensource horilla up to 1.0.2. Impacted is an unknown function of the file static/assets/js/global.js of the component Leads Module. This manipulation of the argument Notes causes cross site scripting. The attack is possible to be carried out remotely. The exploi...

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the device image upload. An attacker can execute arbitrary JavaScript in the context of other users' browsers by uploading a crafted SVG file containing malicious scripts. Details Cross-site scripting or XSS...

Mozilla Firefox和Mozilla Thunderbird 安全漏洞

Mozilla Firefox and Mozilla Thunderbird are both products of the American Mozilla Foundation. Mozilla Firefox is an open-source web browser. Mozilla Thunderbird is an email client software that emerged independently from the Mozilla Application Suite. This software supports IMAP and POP email...

Mozilla多款产品 资源管理错误漏洞

Mozilla Firefox, among others, are products of the American Mozilla Foundation. Mozilla Firefox is an open-source web browser. Mozilla Firefox ESR is a extended support version of Firefox the web browser. Mozilla Thunderbird is an email client software that emerged independently from the Mozilla...

Mozilla多款产品 资源管理错误漏洞

Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A code execution vulnerability exists in multiple Mozilla products due t...

Mozilla Thunderbird < 148.0

The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 148.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-16 advisory. - Memory safety bugs present in Firefox 147 and Thunderbird 147. Some of these bugs showed evidence of...

PT-2026-21734

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 148 Thunderbird versions prior to 148 Description An issue exists due to incorrect boundary conditions within the JavaScript: WebAssembly component. This could potentially lead to unexpected behavior or compromise...

Mozilla Firefox和Mozilla Thunderbird 代码问题漏洞

Mozilla Firefox and Mozilla Thunderbird are both products of the American Mozilla Foundation. Mozilla Firefox is an open-source web browser. Mozilla Thunderbird is an email client software that emerged independently from the Mozilla Application Suite. This software supports IMAP and POP email...

PT-2026-21728

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 148 Thunderbird versions prior to 148 Description A use-after-free issue exists in the JavaScript: GC component. This condition can occur when memory is accessed after it has been freed, potentially leading to crashes...

Mozilla多款产品 资源管理错误漏洞

Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A code execution vulnerability exists in several Mozilla products that...

PT-2026-21735

Race condition in the JavaScript: GC component. This vulnerability affects Firefox 148...

Mozilla多款产品 资源管理错误漏洞

Mozilla Firefox, among others, are products of the American Mozilla Foundation. Mozilla Firefox is an open-source web browser. Mozilla Firefox ESR is a extended support version of Firefox the web browser. Mozilla Thunderbird is an email client software that emerged independently from the Mozilla...

NiceGUI 跨站脚本漏洞

NiceGUI is an easy-to-use, Python-based UI framework developed under the open source license. Versions of NiceGUI prior to 3.8.0 contained a cross-site scripting vulnerability. This vulnerability stemmed from the use of eval in multiple client APIs, and incorrect escaping of method names, which...

PT-2026-21771

Name of the Vulnerable Software and Affected Versions NiceGUI versions prior to 3.8.0 Description NiceGUI APIs, including Element.run method, AgGrid.run grid method, EChart.run chart method, and others, utilized an eval fallback within the JavaScript-side runMethod function. This allowed for...

Mozilla多款产品 安全漏洞

Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. An information disclosure vulnerability exists in several Mozilla produc...

Mozilla多款产品 资源管理错误漏洞

Mozilla Firefox, among others, are products of the American Mozilla Foundation. Mozilla Firefox is an open-source web browser. Mozilla Firefox ESR is a extended support version of Firefox the web browser. Mozilla Thunderbird is an email client software that emerged independently from the Mozilla...

PT-2026-21755

Name of the Vulnerable Software and Affected Versions Binardat 10G08-0800GSM network switch firmware versions prior to V300SP10260209 Description The web interface does not properly sanitize user input, which allows an attacker to inject and execute arbitrary JavaScript code within the context of...

PT-2026-21729

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 148 Thunderbird versions prior to 148 Description A JIT miscompilation issue exists in the JavaScript: WebAssembly component. JIT Just-In-Time compilation is a method used by browsers to improve execution speed by...