mozilla

3,619 tracked vulnerabilities.

CVE-2026-10702 MEDIUM
JIT miscompilation in the JavaScript Engine: JIT component
Jun 02, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-10701 HIGH
Incorrect boundary conditions in the Graphics: Text component
Jun 02, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-9309 MEDIUM
Arbitrary JavaScript execution in internal pages via Reader View JSON-LD injection
Jun 01, 2026
CVSS 5.4
EPSS 0.00
CVE-2026-9308 MEDIUM
Arbitrary JavaScript execution in Reader View due to wrong HTML replacement order
Jun 01, 2026
CVSS 5.4
EPSS 0.00
CVE-2026-9078 MEDIUM
Firefox iOS RTL Domain Rendering Issue in Link Preview
May 25, 2026
CVSS 5.4
EPSS 0.00
CVE-2026-8706 MEDIUM
Sensitive user data could be leaked to other applications through Reader mode
May 19, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-8975 HIGH
Memory safety bugs fixed in Thunderbird 140.11 and Thunderbird 151
May 19, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-8974 HIGH
Memory safety bugs fixed in Thunderbird 140.11 and Thunderbird 151
May 19, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-8973 HIGH
Firefox and Thunderbird < 151 - Memory Corruption
May 19, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-8972 HIGH
Privilege escalation in the WebRTC: Audio/Video component
May 19, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-8971 MEDIUM
Same-origin policy bypass in the Networking: JAR component
May 19, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-8970 HIGH
Firefox < 140.11 and 140.11-150.0 - Privilege Escalation
May 19, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-8969 HIGH
Mitigation bypass in the DOM: Security component
May 19, 2026
CVSS 8.1
EPSS 0.00
CVE-2026-8968 HIGH
Denial-of-service due to invalid pointer in the Audio/Video: Web Codecs component
May 19, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-8967 HIGH
Information disclosure in the Graphics: WebGPU component
May 19, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-8966 HIGH
Firefox < 151.0.0 and Thunderbird < 151.0.0 - Information Disclosure in IP Protection Component
May 19, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-8965 HIGH
Information disclosure in the DOM: Security component
May 19, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-8964 HIGH
Firefox < 151.0.0 and Thunderbird < 151.0.0 - Spoofing via Popup Blocker
May 19, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-8963 HIGH
Firefox < 151.0.0 and Thunderbird < 151.0.0 - Authentication Bypass by Spoofing in Web Speech Component
May 19, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-8962 HIGH
Mitigation bypass in the DOM: Security component
May 19, 2026
CVSS 8.1
EPSS 0.00
CVE-2026-8961 MEDIUM
Firefox and Thunderbird < 140.11 and >=151 - Authentication Bypass by Spoofing in Form Autofill
May 19, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-8960 HIGH
Firefox < 151.0.0 and Thunderbird < 151.0.0 - Authentication Bypass by Spoofing via WebExtensions
May 19, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-8959 CRITICAL
Sandbox escape due to incorrect boundary conditions in the Widget: Win32 component
May 19, 2026
CVSS 9.6
EPSS 0.00
CVE-2026-8958 HIGH
Information disclosure, sandbox escape in the Security: Process Sandboxing component
May 19, 2026
CVSS 8.6
EPSS 0.00
CVE-2026-8957 HIGH
Firefox < 140.11 and 140.11-140.* and >=151 - Privilege Escalation in Enterprise Policies
May 19, 2026
CVSS 8.8
EPSS 0.00