mozilla
3,619 tracked vulnerabilities.
CVE-2026-6764
MEDIUM
Incorrect boundary conditions in the DOM: Device Interfaces component
Apr 21, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-6763
MEDIUM
Mitigation bypass in the File Handling component
Apr 21, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-6762
MEDIUM
Mozilla Firefox and Thunderbird 115.35, 140.10, and 150 - DOM Spoofing
Apr 21, 2026
CVSS 6.3
EPSS 0.00
CVE-2026-6761
HIGH
Privilege escalation in the Networking component
Apr 21, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-6760
CRITICAL
Mitigation bypass in the Networking: Cookies component
Apr 21, 2026
CVSS 9.8
EPSS 0.00
CVE-2026-6759
HIGH
Use-after-free in the Widget: Cocoa component
Apr 21, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-6758
HIGH
Use-after-free in the JavaScript: WebAssembly component
Apr 21, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-6757
MEDIUM
Invalid pointer in the JavaScript: WebAssembly component
Apr 21, 2026
CVSS 6.3
EPSS 0.00
CVE-2026-6756
HIGH
Mitigation bypass in Firefox for Android
Apr 21, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-6755
MEDIUM
Mitigation bypass in the DOM: postMessage component
Apr 21, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-6754
HIGH
Use-after-free in the JavaScript Engine component
Apr 21, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-6753
HIGH
Incorrect boundary conditions in the WebRTC component
Apr 21, 2026
CVSS 7.3
EPSS 0.00
CVE-2026-6752
HIGH
Incorrect boundary conditions in the WebRTC component
Apr 21, 2026
CVSS 7.3
EPSS 0.00
CVE-2026-6751
HIGH
Uninitialized memory in the Audio/Video: Web Codecs component
Apr 21, 2026
CVSS 7.3
EPSS 0.00
CVE-2026-6750
HIGH
Privilege escalation in the Graphics: WebRender component
Apr 21, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-6749
HIGH
Information disclosure due to uninitialized memory in the Graphics: Canvas2D component
Apr 21, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-6748
CRITICAL
Uninitialized memory in the Audio/Video: Web Codecs component
Apr 21, 2026
CVSS 9.8
EPSS 0.00
CVE-2026-6747
HIGH
Use-after-free in the WebRTC component
Apr 21, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-6746
HIGH
Use-after-free in the DOM: Core & HTML component
Apr 21, 2026
CVSS 7.5
EPSS 0.01
CVE-2026-6654
MEDIUM
Use-After-Free and Double-Free in IntoIter::drop when element drop panics
Apr 20, 2026
CVSS 5.1
EPSS 0.00
CVE-2026-5735
CRITICAL
Memory safety bugs fixed in Firefox 149.0.2 and Thunderbird 149.0.2
Apr 07, 2026
CVSS 9.8
EPSS 0.00
CVE-2026-5734
CRITICAL
Memory safety bugs fixed in Firefox ESR 140.9.1, Thunderbird ESR 140.9.1, Firefox 149.0.2 and Thunderbird 149.0.2
Apr 07, 2026
CVSS 9.8
EPSS 0.00
CVE-2026-5733
HIGH
Incorrect boundary conditions in the Graphics: WebGPU component
Apr 07, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-5732
HIGH
Incorrect boundary conditions, integer overflow in the Graphics: Text component
Apr 07, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-5731
CRITICAL
Memory safety bugs fixed in Firefox ESR 115.34.1, Firefox ESR 140.9.1, Thunderbird ESR 140.9.1, Firefox 149.0.2 and Thunderbird 149.0.2
Apr 07, 2026
CVSS 9.8
EPSS 0.00
Products
firefox 3,179
thunderbird 1,773
seamonkey 704
firefox_esr 488
Firefox 432
Thunderbird 403
thunderbird_esr 228
bugzilla 145
mozilla 108
network_security_services 50
Firefox ESR 44
mozilla_suite 27
Firefox for iOS 25
firefox_mobile 22
firefox_focus 20
focus 16
firefox_os 14
Focus for iOS 6
nss 6
bleach 5
bonsai 4
camino 4
vpn 4
convict 3
netscape_portable_runtime 3
geckodriver 2
mozjpeg 2
nunjucks 2
pollbot 2
webthings_gateway 2
Quick Filters