1214 matches found
CVE-2026-8965
CVE-2026-8965 is an information-disclosure vulnerability in the DOM: Security component, affecting Mozilla Firefox and Mozilla Thunderbird up to version 151. The issue is fixed in Firefox 151 and Thunderbird 151. Affected products include Mozilla Firefox earlier than 151.0 and Mozilla Thunderbird...
CVE-2026-8966
CVE-2026-8966 affects Mozilla Thunderbird (earlier than 151.0) and concerns information disclosure in the IP Protection component. Multiple connected sources corroborate the impact as information disclosure, with the vulnerability fixed in Thunderbird 151 (and Firefox 151 per the initial entry). ...
CVE-2026-8967
CVE-2026-8967 affects Mozilla graphics stack via the Graphics: WebGPU component, leading to information disclosure. Public documentation in connected sources indicates the vulnerability was fixed in Firefox 151 and Thunderbird 151, with affected products listed as Mozilla Thunderbird and Mozilla ...
CVE-2026-12300
CVE-2026-12300 describes a memory-safety issue that was fixed in Firefox 152 and Thunderbird 152. The available sources confirm the affected products are Mozilla Firefox/Thunderbird, with the underlying problem labeled as a memory safety bug. The CVSS metrics in the initial document indicate a ba...
CVE-2026-12319
CVE-2026-12319 is a reported DoS in the Audio/Video: Playback component. Multiple connected sources confirm the issue affects Firefox and Thunderbird and that it was fixed in Firefox 152 and Thunderbird 152. The CVSS 3.1 vector indicates network attack vector, low attack complexity, no privileges...
CVE-2026-2804
CVE-2026-2804 describes a use-after-free vulnerability in the JavaScript: WebAssembly component that affects Mozilla Firefox and Mozilla Thunderbird. The issue is fixed in Firefox 148 and Thunderbird 148. Connected advisories reaffirm the same root cause (memory management issue in the WebAssembl...
CVE-2026-4689
CVE-2026-4689: A sandbox-escape issue caused by incorrect boundary conditions and an integer overflow in the XPCOM component. Public disclosures across multiple sources show affected products include Firefox and Thunderbird (various release tracks), with fixes implemented in Firefox 149, ESR 115....
CVE-2026-5735
CVE-2026-5735 affects Mozilla Firefox and Thunderbird 149.0.1, with memory safety bugs that can cause memory corruption and, per sources, could be exploited to run arbitrary code. Affected components are within Firefox/Thunderbird rendering and memory management; the issue has been fixed in Firef...
CVE-2026-8964
The CVE-2026-8964 entry describes a spoofing issue in the Popup Blocker component. The vulnerability is stated to be fixed in Firefox 151 and Thunderbird 151, indicating a patch/upgrade is available for mitigation. The available data list the impact as high (I: High) with a network attack vector ...
CVE-2026-4724
CVE-2026-4724 affects Mozilla Firefox and Mozilla Thunderbird. The root cause is undefined behavior in the Audio/Video component, leading to potential security bypass or other impacts as described in the connected records. The vulnerability is reported across multiple sources (CNVD EUVD entries) ...
CVE-2026-6781
CVE-2026-6781 is a denial-of-service vulnerability in the Mozilla Firefox/Thunderbird Audio/Video: Playback component. The issue is fixed in Firefox 150 and Thunderbird 150. Affected products are Firefox and Thunderbird; the root cause is described only as a DoS in the playback component, with no...
CVE-2026-0889
CVE-2026-0889 describes a Denial-of-Service in the DOM: Service Workers component, affecting Mozilla Firefox and Mozilla Thunderbird versions earlier than 147. The CVE’s publicly documented impact is DoS with the DOM Service Workers, and the related advisory notes advise updating to the latest ve...
CVE-2026-12321
Summary: CVE-2026-12321 is a JIT miscompilation in the JavaScript: WebAssembly component. Affected products: Firefox and Thunderbird (WebAssembly/JS engine). Root cause: JIT miscompilation in the WebAssembly component. Impact: Not explicitly quantified beyond miscompilation; CVSS v3.1 base score ...
CVE-2026-0888
CVE-2026-0888 relates to information disclosure in the XML component in Mozilla Firefox and Thunderbird prior to version 147. Affected products include Firefox < 147 and Thunderbird