mozilla

3,619 tracked vulnerabilities.

CVE-2026-6764 MEDIUM
Incorrect boundary conditions in the DOM: Device Interfaces component
Apr 21, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-6763 MEDIUM
Mitigation bypass in the File Handling component
Apr 21, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-6762 MEDIUM
Mozilla Firefox and Thunderbird 115.35, 140.10, and 150 - DOM Spoofing
Apr 21, 2026
CVSS 6.3
EPSS 0.00
CVE-2026-6761 HIGH
Privilege escalation in the Networking component
Apr 21, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-6760 CRITICAL
Mitigation bypass in the Networking: Cookies component
Apr 21, 2026
CVSS 9.8
EPSS 0.00
CVE-2026-6759 HIGH
Use-after-free in the Widget: Cocoa component
Apr 21, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-6758 HIGH
Use-after-free in the JavaScript: WebAssembly component
Apr 21, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-6757 MEDIUM
Invalid pointer in the JavaScript: WebAssembly component
Apr 21, 2026
CVSS 6.3
EPSS 0.00
CVE-2026-6756 HIGH
Mitigation bypass in Firefox for Android
Apr 21, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-6755 MEDIUM
Mitigation bypass in the DOM: postMessage component
Apr 21, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-6754 HIGH
Use-after-free in the JavaScript Engine component
Apr 21, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-6753 HIGH
Incorrect boundary conditions in the WebRTC component
Apr 21, 2026
CVSS 7.3
EPSS 0.00
CVE-2026-6752 HIGH
Incorrect boundary conditions in the WebRTC component
Apr 21, 2026
CVSS 7.3
EPSS 0.00
CVE-2026-6751 HIGH
Uninitialized memory in the Audio/Video: Web Codecs component
Apr 21, 2026
CVSS 7.3
EPSS 0.00
CVE-2026-6750 HIGH
Privilege escalation in the Graphics: WebRender component
Apr 21, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-6749 HIGH
Information disclosure due to uninitialized memory in the Graphics: Canvas2D component
Apr 21, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-6748 CRITICAL
Uninitialized memory in the Audio/Video: Web Codecs component
Apr 21, 2026
CVSS 9.8
EPSS 0.00
CVE-2026-6747 HIGH
Use-after-free in the WebRTC component
Apr 21, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-6746 HIGH
Use-after-free in the DOM: Core & HTML component
Apr 21, 2026
CVSS 7.5
EPSS 0.01
CVE-2026-6654 MEDIUM
Use-After-Free and Double-Free in IntoIter::drop when element drop panics
Apr 20, 2026
CVSS 5.1
EPSS 0.00
CVE-2026-5735 CRITICAL
Memory safety bugs fixed in Firefox 149.0.2 and Thunderbird 149.0.2
Apr 07, 2026
CVSS 9.8
EPSS 0.00
CVE-2026-5734 CRITICAL
Memory safety bugs fixed in Firefox ESR 140.9.1, Thunderbird ESR 140.9.1, Firefox 149.0.2 and Thunderbird 149.0.2
Apr 07, 2026
CVSS 9.8
EPSS 0.00
CVE-2026-5733 HIGH
Incorrect boundary conditions in the Graphics: WebGPU component
Apr 07, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-5732 HIGH
Incorrect boundary conditions, integer overflow in the Graphics: Text component
Apr 07, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-5731 CRITICAL
Memory safety bugs fixed in Firefox ESR 115.34.1, Firefox ESR 140.9.1, Thunderbird ESR 140.9.1, Firefox 149.0.2 and Thunderbird 149.0.2
Apr 07, 2026
CVSS 9.8
EPSS 0.00