mozilla

3,619 tracked vulnerabilities.

CVE-2025-14860 CRITICAL
Firefox < 146.0.1 - Use-After-Free in Disability Access APIs
Dec 18, 2025
CVSS 9.8
EPSS 0.00
CVE-2025-14744 MEDIUM
Firefox for iOS <144.0 - Info Disclosure
Dec 18, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-14333 HIGH
Firefox < 146 - Firefox ESR < 140.6 - Memory Corruption
Dec 09, 2025
CVSS 8.1
EPSS 0.00
CVE-2025-14332 HIGH
Firefox and Thunderbird < 146.0 - Out-of-bounds Write
Dec 09, 2025
CVSS 7.3
EPSS 0.00
CVE-2025-14331 MEDIUM
Firefox < 115.31.0, < 146.0 and Thunderbird < 140.6.0, < 146.0 - Same-Origin Policy Bypass in Request Handling
Dec 09, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-14330 CRITICAL
Firefox < 146.0 and 140.6-140.* - Memory Corruption in JIT Component
Dec 09, 2025
CVSS 9.8
EPSS 0.00
CVE-2025-14329 HIGH
Firefox < 146, Thunderbird < 140.6 - Privilege Escalation
Dec 09, 2025
CVSS 8.8
EPSS 0.00
CVE-2025-14328 HIGH
Firefox < 146, Thunderbird < 140.6 - Privilege Escalation
Dec 09, 2025
CVSS 8.8
EPSS 0.00
CVE-2025-14327 HIGH
Firefox < 146.0 and ESR 140.7 - Spoofing in Downloads Panel
Dec 09, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-14326 CRITICAL
Firefox < 146 - Thunderbird < 146 - Use After Free
Dec 09, 2025
CVSS 9.8
EPSS 0.00
CVE-2025-14325 HIGH
Firefox < 146.0 and 140.6-140.* - Type Confusion in JIT JavaScript Engine
Dec 09, 2025
CVSS 7.3
EPSS 0.00
CVE-2025-14324 CRITICAL
Firefox < 115.31.0, 140.6-145.9, 146 - Remote Code Execution via JIT Miscompilation
Dec 09, 2025
CVSS 9.8
EPSS 0.00
CVE-2025-14323 HIGH
Firefox < 115.31.0, 140.6-146.0 and Thunderbird < 140.6.0, 146.0 - Privilege Escalation in DOM Notifications
Dec 09, 2025
CVSS 8.8
EPSS 0.00
CVE-2025-14322 HIGH
Firefox < 146 & Thunderbird < 140.6 - Sandbox Escape
Dec 09, 2025
CVSS 8.0
EPSS 0.00
CVE-2025-14321 CRITICAL
Firefox < 146.0 and 140.6-140.* - Use-After-Free in WebRTC Signaling
Dec 09, 2025
CVSS 9.8
EPSS 0.01
CVE-2025-66453 HIGH
Rhino <1.8.1, <1.7.15.1, <1.7.14.1 - DoS
Dec 03, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-13027 HIGH
Firefox < 145 - Memory Corruption
Nov 11, 2025
CVSS 8.1
EPSS 0.00
CVE-2025-13026 CRITICAL
Firefox < 145.0 - Sandbox Escape via WebGPU Boundary Condition Mishandling
Nov 11, 2025
CVSS 9.8
EPSS 0.00
CVE-2025-13025 HIGH
Firefox < 145.0 - Incorrect Default Permissions in WebGPU Component
Nov 11, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-13024 CRITICAL
Firefox < 145.0 - JIT Miscompilation in JavaScript Engine
Nov 11, 2025
CVSS 9.8
EPSS 0.00
CVE-2025-13023 CRITICAL
Firefox < 145.0 - Sandbox Escape via WebGPU Boundary Condition Mismanagement
Nov 11, 2025
CVSS 9.8
EPSS 0.00
CVE-2025-13022 CRITICAL
Firefox < 145.0 - Denial of Service in WebGPU Graphics Component
Nov 11, 2025
CVSS 9.8
EPSS 0.00
CVE-2025-13021 CRITICAL
Firefox < 145.0 - Denial of Service in WebGPU Graphics Component
Nov 11, 2025
CVSS 9.8
EPSS 0.00
CVE-2025-13020 HIGH
Firefox < 145.0 and Firefox ESR < 140.5 - Use-After-Free in WebRTC Audio/Video Component
Nov 11, 2025
CVSS 8.8
EPSS 0.00
CVE-2025-13019 HIGH
Firefox < 140.5.0 and 140.5-140.* and < 145.0 and >=145 - Same-Origin Policy Bypass in DOM Workers
Nov 11, 2025
CVSS 8.1
EPSS 0.00