mozilla
3,619 tracked vulnerabilities.
CVE-2026-10702
MEDIUM
JIT miscompilation in the JavaScript Engine: JIT component
Jun 02, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-10701
HIGH
Incorrect boundary conditions in the Graphics: Text component
Jun 02, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-9309
MEDIUM
Arbitrary JavaScript execution in internal pages via Reader View JSON-LD injection
Jun 01, 2026
CVSS 5.4
EPSS 0.00
CVE-2026-9308
MEDIUM
Arbitrary JavaScript execution in Reader View due to wrong HTML replacement order
Jun 01, 2026
CVSS 5.4
EPSS 0.00
CVE-2026-9078
MEDIUM
Firefox iOS RTL Domain Rendering Issue in Link Preview
May 25, 2026
CVSS 5.4
EPSS 0.00
CVE-2026-8706
MEDIUM
Sensitive user data could be leaked to other applications through Reader mode
May 19, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-8975
HIGH
Memory safety bugs fixed in Thunderbird 140.11 and Thunderbird 151
May 19, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-8974
HIGH
Memory safety bugs fixed in Thunderbird 140.11 and Thunderbird 151
May 19, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-8973
HIGH
Firefox and Thunderbird < 151 - Memory Corruption
May 19, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-8972
HIGH
Privilege escalation in the WebRTC: Audio/Video component
May 19, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-8971
MEDIUM
Same-origin policy bypass in the Networking: JAR component
May 19, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-8970
HIGH
Firefox < 140.11 and 140.11-150.0 - Privilege Escalation
May 19, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-8969
HIGH
Mitigation bypass in the DOM: Security component
May 19, 2026
CVSS 8.1
EPSS 0.00
CVE-2026-8968
HIGH
Denial-of-service due to invalid pointer in the Audio/Video: Web Codecs component
May 19, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-8967
HIGH
Information disclosure in the Graphics: WebGPU component
May 19, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-8966
HIGH
Firefox < 151.0.0 and Thunderbird < 151.0.0 - Information Disclosure in IP Protection Component
May 19, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-8965
HIGH
Information disclosure in the DOM: Security component
May 19, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-8964
HIGH
Firefox < 151.0.0 and Thunderbird < 151.0.0 - Spoofing via Popup Blocker
May 19, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-8963
HIGH
Firefox < 151.0.0 and Thunderbird < 151.0.0 - Authentication Bypass by Spoofing in Web Speech Component
May 19, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-8962
HIGH
Mitigation bypass in the DOM: Security component
May 19, 2026
CVSS 8.1
EPSS 0.00
CVE-2026-8961
MEDIUM
Firefox and Thunderbird < 140.11 and >=151 - Authentication Bypass by Spoofing in Form Autofill
May 19, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-8960
HIGH
Firefox < 151.0.0 and Thunderbird < 151.0.0 - Authentication Bypass by Spoofing via WebExtensions
May 19, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-8959
CRITICAL
Sandbox escape due to incorrect boundary conditions in the Widget: Win32 component
May 19, 2026
CVSS 9.6
EPSS 0.00
CVE-2026-8958
HIGH
Information disclosure, sandbox escape in the Security: Process Sandboxing component
May 19, 2026
CVSS 8.6
EPSS 0.00
CVE-2026-8957
HIGH
Firefox < 140.11 and 140.11-140.* and >=151 - Privilege Escalation in Enterprise Policies
May 19, 2026
CVSS 8.8
EPSS 0.00
Products
firefox 3,179
thunderbird 1,773
seamonkey 704
firefox_esr 488
Firefox 432
Thunderbird 403
thunderbird_esr 228
bugzilla 145
mozilla 108
network_security_services 50
Firefox ESR 44
mozilla_suite 27
Firefox for iOS 25
firefox_mobile 22
firefox_focus 20
focus 16
firefox_os 14
Focus for iOS 6
nss 6
bleach 5
bonsai 4
camino 4
vpn 4
convict 3
netscape_portable_runtime 3
geckodriver 2
mozjpeg 2
nunjucks 2
pollbot 2
webthings_gateway 2
Quick Filters