EUVD-2026-37082

Use-after-free in the Networking: HTTP component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, and Firefox ESR 115.37...

EUVD-2026-37085

Sandbox escape in the DOM: Workers component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, and Firefox ESR 115.37...

CVE-2026-12290

Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, and Firefox ESR 115.37...

CVE-2026-12289

Privilege escalation in the Graphics: WebRender component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, and Firefox ESR 115.37...

CVE-2026-12302

CVE-2026-12302 describes a mitigation bypass in the DOM: Security component. The issue affects Firefox and related ESR releases and has been fixed in Firefox 152, Firefox ESR 140.12, and Firefox ESR 115.37. The available documents do not specify the exact root cause details, affected component sc...

CVE-2026-12302 Mitigation bypass in the DOM: Security component

Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12...

CVE-2026-12299

JIT miscompilation in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, and Firefox ESR 115.37...

CVE-2026-12297 Sandbox escape due to incorrect boundary conditions in the Networking component

Sandbox escape due to incorrect boundary conditions in the Networking component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12...