mozilla
3,564 tracked vulnerabilities.
CVE-2026-2803
HIGH
Firefox < 148.0 and Thunderbird < 148.0 - Information Disclosure via Settings UI Component
Feb 24, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-2802
MEDIUM
Firefox and Thunderbird < 148.0 - Race Condition in JavaScript GC
Feb 24, 2026
CVSS 4.2
EPSS 0.00
CVE-2026-2801
HIGH
Firefox < 148.0 and Thunderbird < 148.0 - Incorrect Boundary Conditions in JavaScript WebAssembly Component
Feb 24, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-2800
CRITICAL
Firefox for Android <148 - Spoofing
Feb 24, 2026
CVSS 9.8
EPSS 0.00
CVE-2026-2799
CRITICAL
Firefox < 148.0 - Use-After-Free in DOM Core & HTML Component
Feb 24, 2026
CVSS 9.8
EPSS 0.00
CVE-2026-2798
HIGH
Firefox < 148.0 - Use-After-Free in DOM Core & HTML Component
Feb 24, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-2797
CRITICAL
Firefox < 148.0 - Use-After-Free in JavaScript GC
Feb 24, 2026
CVSS 9.8
EPSS 0.00
CVE-2026-2796
CRITICAL
Firefox < 148.0 - Type Confusion in JavaScript WebAssembly JIT
Feb 24, 2026
CVSS 9.8
EPSS 0.00
CVE-2026-2795
CRITICAL
Firefox < 148.0 - Use-After-Free in JavaScript GC
Feb 24, 2026
CVSS 9.8
EPSS 0.00
CVE-2026-2794
HIGH
Firefox < 148.0 - Information Disclosure via Uninitialized Memory
Feb 24, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-2793
CRITICAL
Firefox/Thunderbird ESR - Memory Corruption
Feb 24, 2026
CVSS 9.8
EPSS 0.00
CVE-2026-2792
CRITICAL
Firefox ESR 140.7 - Memory Corruption
Feb 24, 2026
CVSS 9.8
EPSS 0.00
CVE-2026-2791
CRITICAL
Firefox <148 & ESR <140.8 - Auth Bypass
Feb 24, 2026
CVSS 9.8
EPSS 0.00
CVE-2026-2790
CRITICAL
Firefox <148 & ESR <140.8 - Auth Bypass
Feb 24, 2026
CVSS 9.8
EPSS 0.00
CVE-2026-2789
CRITICAL
Firefox < 115.33.0, 140.8-140.*, >=148 - Use-After-Free in Graphics: ImageLib
Feb 24, 2026
CVSS 9.8
EPSS 0.00
CVE-2026-2788
CRITICAL
Firefox < 115.33.0, < 148.0 and Thunderbird < 140.8.0, < 148.0 - Memory Corruption in GMP Audio/Video Component
Feb 24, 2026
CVSS 9.8
EPSS 0.00
CVE-2026-2787
CRITICAL
Firefox < 115.33.0, 140.8.0-140.*, <148.0 and Thunderbird <140.8.0, <148.0 - Use-After-Free in DOM Window and Location
Feb 24, 2026
CVSS 9.8
EPSS 0.00
CVE-2026-2786
CRITICAL
Firefox < 148.0 and 140.8-140.* - Use-After-Free in JavaScript Engine
Feb 24, 2026
CVSS 9.8
EPSS 0.00
CVE-2026-2785
CRITICAL
Firefox and Thunderbird < 140.8.0 and < 148.0 - Use-After-Free in JavaScript Engine
Feb 24, 2026
CVSS 9.8
EPSS 0.00
CVE-2026-2784
CRITICAL
Firefox < 148.0 and < 140.8.0 - Authentication Bypass via DOM Security Mitigation
Feb 24, 2026
CVSS 9.8
EPSS 0.00
CVE-2026-2783
HIGH
Firefox <148 & ESR <140.8 - Info Disclosure
Feb 24, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-2782
CRITICAL
Firefox <148 & ESR <140.8 - Privilege Escalation
Feb 24, 2026
CVSS 9.8
EPSS 0.00
CVE-2026-2781
CRITICAL
Firefox and Thunderbird < 148 and < 140.8 - Integer Overflow in NSS Libraries
Feb 24, 2026
CVSS 9.8
EPSS 0.00
CVE-2026-2780
CRITICAL
Firefox <148 & ESR <140.8 - Privilege Escalation
Feb 24, 2026
CVSS 9.8
EPSS 0.00
CVE-2026-2779
CRITICAL
Firefox < 148.0 and < 140.8.0 - Memory Corruption in Networking JAR Component
Feb 24, 2026
CVSS 9.8
EPSS 0.00
Products
firefox 3,130
thunderbird 1,729
seamonkey 704
firefox_esr 488
Firefox 387
Thunderbird 359
thunderbird_esr 228
bugzilla 145
mozilla 108
network_security_services 50
Firefox ESR 44
mozilla_suite 27
firefox_focus 20
firefox_mobile 20
Firefox for iOS 18
focus 15
firefox_os 14
nss 6
Focus for iOS 5
bleach 5
bonsai 4
camino 4
vpn 4
convict 3
netscape_portable_runtime 3
geckodriver 2
mozjpeg 2
nunjucks 2
pollbot 2
webthings_gateway 2
Quick Filters