CVE-2026-12326

HIGH

Memory safety bugs fixed in Firefox 152 and Thunderbird 152

Title source: cna
STIX 2.1

Description

Memory safety bugs present in Firefox 151 and Thunderbird 151. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 152 and Thunderbird 152.

Scores

CVSS v3 8.1
EPSS 0.0025
EPSS Percentile 16.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-119 CWE-825
Status published
Products (4)
mozilla/firefox < 152.0.0
Mozilla/Firefox 152
mozilla/thunderbird < 152.0.0
Mozilla/Thunderbird 152
Published Jun 16, 2026
Tracked Since Jun 16, 2026