mozilla
3,564 tracked vulnerabilities.
CVE-2026-6759
HIGH
Use-after-free in the Widget: Cocoa component
Apr 21, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-6758
HIGH
Use-after-free in the JavaScript: WebAssembly component
Apr 21, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-6757
MEDIUM
Invalid pointer in the JavaScript: WebAssembly component
Apr 21, 2026
CVSS 6.3
EPSS 0.00
CVE-2026-6756
HIGH
Mitigation bypass in Firefox for Android
Apr 21, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-6755
MEDIUM
Mitigation bypass in the DOM: postMessage component
Apr 21, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-6754
HIGH
Use-after-free in the JavaScript Engine component
Apr 21, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-6753
HIGH
Incorrect boundary conditions in the WebRTC component
Apr 21, 2026
CVSS 7.3
EPSS 0.00
CVE-2026-6752
HIGH
Incorrect boundary conditions in the WebRTC component
Apr 21, 2026
CVSS 7.3
EPSS 0.00
CVE-2026-6751
HIGH
Uninitialized memory in the Audio/Video: Web Codecs component
Apr 21, 2026
CVSS 7.3
EPSS 0.00
CVE-2026-6750
CRITICAL
Privilege escalation in the Graphics: WebRender component
Apr 21, 2026
CVSS 9.8
EPSS 0.00
CVE-2026-6749
HIGH
Information disclosure due to uninitialized memory in the Graphics: Canvas2D component
Apr 21, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-6748
CRITICAL
Uninitialized memory in the Audio/Video: Web Codecs component
Apr 21, 2026
CVSS 9.8
EPSS 0.00
CVE-2026-6747
HIGH
Use-after-free in the WebRTC component
Apr 21, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-6746
HIGH
Use-after-free in the DOM: Core & HTML component
Apr 21, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-6654
MEDIUM
Use-After-Free and Double-Free in IntoIter::drop when element drop panics
Apr 20, 2026
CVSS 5.1
EPSS 0.00
CVE-2026-5735
CRITICAL
Memory safety bugs fixed in Firefox 149.0.2 and Thunderbird 149.0.2
Apr 07, 2026
CVSS 9.8
EPSS 0.00
CVE-2026-5734
CRITICAL
Memory safety bugs fixed in Firefox ESR 140.9.1, Thunderbird ESR 140.9.1, Firefox 149.0.2 and Thunderbird 149.0.2
Apr 07, 2026
CVSS 9.8
EPSS 0.00
CVE-2026-5733
HIGH
Incorrect boundary conditions in the Graphics: WebGPU component
Apr 07, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-5732
HIGH
Incorrect boundary conditions, integer overflow in the Graphics: Text component
Apr 07, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-5731
CRITICAL
Memory safety bugs fixed in Firefox ESR 115.34.1, Firefox ESR 140.9.1, Thunderbird ESR 140.9.1, Firefox 149.0.2 and Thunderbird 149.0.2
Apr 07, 2026
CVSS 9.8
EPSS 0.00
CVE-2026-4371
HIGH
Out of bounds read in IMAP parsing
Mar 24, 2026
CVSS 7.4
EPSS 0.00
CVE-2026-3889
MEDIUM
Spoofing issue in Thunderbird
Mar 24, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-4729
CRITICAL
Memory safety bugs fixed in Firefox 149 and Thunderbird 149
Mar 24, 2026
CVSS 9.8
EPSS 0.00
CVE-2026-4728
MEDIUM
Spoofing issue in the Privacy: Anti-Tracking component
Mar 24, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-4727
HIGH
Denial-of-service in the Libraries component in NSS
Mar 24, 2026
CVSS 7.5
EPSS 0.00
Products
firefox 3,130
thunderbird 1,729
seamonkey 704
firefox_esr 488
Firefox 387
Thunderbird 359
thunderbird_esr 228
bugzilla 145
mozilla 108
network_security_services 50
Firefox ESR 44
mozilla_suite 27
firefox_focus 20
firefox_mobile 20
Firefox for iOS 18
focus 15
firefox_os 14
nss 6
Focus for iOS 5
bleach 5
bonsai 4
camino 4
vpn 4
convict 3
netscape_portable_runtime 3
geckodriver 2
mozjpeg 2
nunjucks 2
pollbot 2
webthings_gateway 2
Quick Filters