mozilla
3,564 tracked vulnerabilities.
CVE-2026-4726
HIGH
Firefox and Thunderbird - Denial of Service in XML Component
Mar 24, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-4725
CRITICAL
Sandbox escape due to use-after-free in the Graphics: Canvas2D component
Mar 24, 2026
CVSS 10.0
EPSS 0.00
CVE-2026-4724
CRITICAL
Undefined behavior in the Audio/Video component
Mar 24, 2026
CVSS 9.1
EPSS 0.00
CVE-2026-4723
CRITICAL
Use-after-free in the JavaScript Engine component
Mar 24, 2026
CVSS 9.8
EPSS 0.00
CVE-2026-4722
HIGH
Firefox < 149 - Privilege Escalation in IPC Component
Mar 24, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-4721
CRITICAL
Memory safety bugs fixed in Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149
Mar 24, 2026
CVSS 9.8
EPSS 0.00
CVE-2026-4720
CRITICAL
Memory safety bugs fixed in Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149
Mar 24, 2026
CVSS 9.8
EPSS 0.00
CVE-2026-4719
HIGH
Incorrect boundary conditions in the Graphics: Text component
Mar 24, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-4718
HIGH
Undefined behavior in the WebRTC: Signaling component
Mar 24, 2026
CVSS 8.1
EPSS 0.00
CVE-2026-4717
CRITICAL
Privilege escalation in the Netmonitor component
Mar 24, 2026
CVSS 9.8
EPSS 0.00
CVE-2026-4716
CRITICAL
Incorrect boundary conditions, uninitialized memory in the JavaScript Engine component
Mar 24, 2026
CVSS 9.1
EPSS 0.00
CVE-2026-4715
CRITICAL
Uninitialized memory in the Graphics: Canvas2D component
Mar 24, 2026
CVSS 9.1
EPSS 0.00
CVE-2026-4714
HIGH
Incorrect boundary conditions in the Audio/Video component
Mar 24, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-4713
HIGH
Incorrect boundary conditions in the Graphics component
Mar 24, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-4712
HIGH
Information disclosure in the Widget: Cocoa component
Mar 24, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-4711
CRITICAL
Use-after-free in the Widget: Cocoa component
Mar 24, 2026
CVSS 9.8
EPSS 0.00
CVE-2026-4710
CRITICAL
Incorrect boundary conditions in the Audio/Video component
Mar 24, 2026
CVSS 9.8
EPSS 0.00
CVE-2026-4709
HIGH
Incorrect boundary conditions in the Audio/Video: GMP component
Mar 24, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-4708
HIGH
Incorrect boundary conditions in the Graphics component
Mar 24, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-4707
HIGH
Incorrect boundary conditions in the Graphics: Canvas2D component
Mar 24, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-4706
HIGH
Incorrect boundary conditions in the Graphics: Canvas2D component
Mar 24, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-4705
CRITICAL
Undefined behavior in the WebRTC: Signaling component
Mar 24, 2026
CVSS 9.8
EPSS 0.00
CVE-2026-4704
HIGH
Denial-of-service in the WebRTC: Signaling component
Mar 24, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-4702
CRITICAL
JIT miscompilation in the JavaScript Engine component
Mar 24, 2026
CVSS 9.8
EPSS 0.00
CVE-2026-4701
CRITICAL
Use-after-free in the JavaScript Engine component
Mar 24, 2026
CVSS 9.8
EPSS 0.00
Products
firefox 3,130
thunderbird 1,729
seamonkey 704
firefox_esr 488
Firefox 387
Thunderbird 359
thunderbird_esr 228
bugzilla 145
mozilla 108
network_security_services 50
Firefox ESR 44
mozilla_suite 27
firefox_focus 20
firefox_mobile 20
Firefox for iOS 18
focus 15
firefox_os 14
nss 6
Focus for iOS 5
bleach 5
bonsai 4
camino 4
vpn 4
convict 3
netscape_portable_runtime 3
geckodriver 2
mozjpeg 2
nunjucks 2
pollbot 2
webthings_gateway 2
Quick Filters