mozilla
3,564 tracked vulnerabilities.
CVE-2026-4700
CRITICAL
Mitigation bypass in the Networking: HTTP component
Mar 24, 2026
CVSS 9.8
EPSS 0.00
CVE-2026-4699
HIGH
Incorrect boundary conditions in the Layout: Text and Fonts component
Mar 24, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-4698
CRITICAL
JIT miscompilation in the JavaScript Engine: JIT component
Mar 24, 2026
CVSS 9.8
EPSS 0.00
CVE-2026-4697
HIGH
Incorrect boundary conditions in the Audio/Video: Web Codecs component
Mar 24, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-4696
CRITICAL
Use-after-free in the Layout: Text and Fonts component
Mar 24, 2026
CVSS 9.8
EPSS 0.00
CVE-2026-4695
HIGH
Incorrect boundary conditions in the Audio/Video: Web Codecs component
Mar 24, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-4694
HIGH
Incorrect boundary conditions, integer overflow in the Graphics component
Mar 24, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-4693
HIGH
Incorrect boundary conditions in the Audio/Video: Playback component
Mar 24, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-4692
CRITICAL
Sandbox escape in the Responsive Design Mode component
Mar 24, 2026
CVSS 10.0
EPSS 0.00
CVE-2026-4691
CRITICAL
Use-after-free in the CSS Parsing and Computation component
Mar 24, 2026
CVSS 9.8
EPSS 0.00
CVE-2026-4690
HIGH
Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component
Mar 24, 2026
CVSS 8.6
EPSS 0.00
CVE-2026-4689
CRITICAL
Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component
Mar 24, 2026
CVSS 10.0
EPSS 0.00
CVE-2026-4688
CRITICAL
Sandbox escape due to use-after-free in the Disability Access APIs component
Mar 24, 2026
CVSS 10.0
EPSS 0.00
CVE-2026-4687
HIGH
Sandbox escape due to incorrect boundary conditions in the Telemetry component
Mar 24, 2026
CVSS 8.6
EPSS 0.00
CVE-2026-4686
HIGH
Incorrect boundary conditions in the Graphics: Canvas2D component
Mar 24, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-4685
HIGH
Incorrect boundary conditions in the Graphics: Canvas2D component
Mar 24, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-4684
HIGH
Race condition, use-after-free in the Graphics: WebRender component
Mar 24, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-3847
HIGH
Firefox <148.0.2 - Memory Corruption
Mar 10, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-3846
MEDIUM
Firefox < 148.0.2 - Same-Origin Policy Bypass in CSS Parsing and Computation
Mar 10, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-3845
HIGH
Firefox for Android <148.0.2 - Buffer Overflow
Mar 10, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-2919
MEDIUM
Focus for iOS <148.2 - Open Redirect
Mar 09, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-2807
CRITICAL
Firefox and Thunderbird < 148.0 - Out-of-bounds Write
Feb 24, 2026
CVSS 9.8
EPSS 0.00
CVE-2026-2806
CRITICAL
Firefox < 148.0 - Use of Uninitialized Variable in Graphics Text Component
Feb 24, 2026
CVSS 9.1
EPSS 0.00
CVE-2026-2805
CRITICAL
Firefox < 148.0 - Use-After-Free in DOM Core & HTML Component
Feb 24, 2026
CVSS 9.8
EPSS 0.00
CVE-2026-2804
MEDIUM
Firefox < 148.0 - Use-After-Free in JavaScript WebAssembly Component
Feb 24, 2026
CVSS 5.4
EPSS 0.00
Products
firefox 3,130
thunderbird 1,729
seamonkey 704
firefox_esr 488
Firefox 387
Thunderbird 359
thunderbird_esr 228
bugzilla 145
mozilla 108
network_security_services 50
Firefox ESR 44
mozilla_suite 27
firefox_focus 20
firefox_mobile 20
Firefox for iOS 18
focus 15
firefox_os 14
nss 6
Focus for iOS 5
bleach 5
bonsai 4
camino 4
vpn 4
convict 3
netscape_portable_runtime 3
geckodriver 2
mozjpeg 2
nunjucks 2
pollbot 2
webthings_gateway 2
Quick Filters