MozillaFirefox (SUSE:Linux Enterprise Server 12 SP5-LTSS) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Server 12 SP5-LTSS package MozillaFirefox, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (200)
CVE-2026-2768 — CVSS 10.0 (critical): Sandbox escape in the Storage: IndexedDB component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and…
CVE-2026-2761 — CVSS 10.0 (critical): Sandbox escape in the Graphics: WebRender component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8…
CVE-2026-2776 — CVSS 10.0 (critical): Sandbox escape due to incorrect boundary conditions in the Telemetry component in External Software. This vulnerability was fixed in…
CVE-2026-2778 — CVSS 10.0 (critical): Sandbox escape due to incorrect boundary conditions in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 148, Firefox…
CVE-2026-4688 — CVSS 10.0 (critical): Sandbox escape due to use-after-free in the Disability Access APIs component. This vulnerability was fixed in Firefox 149, Firefox ESR…
CVE-2026-4689 — CVSS 10.0 (critical): Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component. This vulnerability was fixed in Firefox 149…
CVE-2026-4692 — CVSS 10.0 (critical): Sandbox escape in the Responsive Design Mode component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9…
CVE-2026-2760 — CVSS 10.0 (critical): Sandbox escape due to incorrect boundary conditions in the Graphics: WebRender component. This vulnerability was fixed in Firefox 148…
CVE-2025-8038 — CVSS 9.8 (critical): Thunderbird ignored paths when checking the validity of navigations in a frame. This vulnerability was fixed in Firefox 141, Firefox ESR…
CVE-2025-8031 — CVSS 9.8 (critical): The `username:password` part was not correctly stripped from URLs in CSP reports potentially leaking HTTP Basic Authentication credentials…
CVE-2025-8028 — CVSS 9.8 (critical): On arm64, a WASM `br_table` instruction with a lot of entries could lead to the label being too far from the instruction causing truncation…
CVE-2026-4720 — CVSS 9.8 (critical): Memory safety bugs present in Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148. Some of these bugs showed evidence…
CVE-2024-11704 — CVSS 9.8 (critical): A double-free issue could have occurred in `sec_pkcs7_decoder_start_decrypt()` when handling an error path. Under specific conditions, the…
CVE-2026-4700 — CVSS 9.8 (critical): Mitigation bypass in the Networking: HTTP component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and…
CVE-2026-4698 — CVSS 9.8 (critical): JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR…
CVE-2026-4696 — CVSS 9.8 (critical): Use-after-free in the Layout: Text and Fonts component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9…
CVE-2026-4691 — CVSS 9.8 (critical): Use-after-free in the CSS Parsing and Computation component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR…
CVE-2026-2757 — CVSS 9.8 (critical): Incorrect boundary conditions in the WebRTC: Audio/Video component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33…
CVE-2025-6424 — CVSS 9.8 (critical): A use-after-free in FontFaceSet resulted in a potentially exploitable crash. This vulnerability was fixed in Firefox 140, Firefox ESR…
CVE-2024-11698 — CVSS 9.8 (critical): A flaw in handling fullscreen transitions may have inadvertently caused the application to become stuck in fullscreen mode when a modal…
CVE-2026-0884 — CVSS 9.8 (critical): Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 147, Firefox ESR 140.7, Thunderbird 147, and…
CVE-2026-0879 — CVSS 9.8 (critical): Sandbox escape due to incorrect boundary conditions in the Graphics component. This vulnerability was fixed in Firefox 147, Firefox ESR…
CVE-2025-9187 — CVSS 9.8 (critical): Memory safety bugs present in Firefox 141 and Thunderbird 141. Some of these bugs showed evidence of memory corruption and we presume that…
CVE-2025-6433 — CVSS 9.8 (critical): If a user visited a webpage with an invalid TLS certificate, and granted an exception, the webpage was able to provide a WebAuthn challenge…
CVE-2025-9179 — CVSS 9.8 (critical): An attacker was able to perform memory corruption in the GMP process which processes encrypted media. This process is also heavily…
CVE-2026-2766 — CVSS 9.8 (critical): Use-after-free in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148…
CVE-2026-2765 — CVSS 9.8 (critical): Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and…
CVE-2026-4701 — CVSS 9.8 (critical): Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and…
CVE-2026-2764 — CVSS 9.8 (critical): JIT miscompilation, use-after-free in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 148, Firefox ESR…
CVE-2026-2763 — CVSS 9.8 (critical): Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8…
CVE-2026-2762 — CVSS 9.8 (critical): Integer overflow in the JavaScript: Standard Library component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird…
CVE-2025-4918 — CVSS 9.8 (critical): An attacker was able to perform an out-of-bounds read or write on a JavaScript `Promise` object. This vulnerability was fixed in Firefox…
CVE-2026-4721 — CVSS 9.8 (critical): Memory safety bugs present in Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148. Some of these…
CVE-2026-2759 — CVSS 9.8 (critical): Incorrect boundary conditions in the Graphics: ImageLib component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox…
CVE-2026-2758 — CVSS 9.8 (critical): Use-after-free in the JavaScript: GC component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8…
CVE-2026-2793 — CVSS 9.8 (critical): Memory safety bugs present in Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and Thunderbird 147. Some of these…
CVE-2025-1009 — CVSS 9.8 (critical): An attacker could have caused a use-after-free via crafted XSLT data, leading to a potentially exploitable crash. This vulnerability was…
CVE-2026-4717 — CVSS 9.8 (critical): Privilege escalation in the Netmonitor component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and…
CVE-2026-2792 — CVSS 9.8 (critical): Memory safety bugs present in Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and Thunderbird 147. Some of these bugs showed evidence…
CVE-2026-2791 — CVSS 9.8 (critical): Mitigation bypass in the Networking: Cache component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and…
CVE-2025-1017 — CVSS 9.8 (critical): Memory safety bugs present in Firefox 134, Thunderbird 134, Firefox ESR 128.6, and Thunderbird 128.6. Some of these bugs showed evidence of…
CVE-2025-11708 — CVSS 9.8 (critical): Use-after-free in MediaTrackGraphImpl::GetInstance(). This vulnerability was fixed in Firefox 144, Firefox ESR 140.4, Thunderbird 144, and…
CVE-2025-11709 — CVSS 9.8 (critical): A compromised web process was able to trigger out of bounds reads and writes in a more privileged process using manipulated WebGL textures…
CVE-2025-11710 — CVSS 9.8 (critical): A compromised web process using malicious IPC messages could have caused the privileged browser process to reveal blocks of its memory to…
CVE-2026-2790 — CVSS 9.8 (critical): Same-origin policy bypass in the Networking: JAR component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird…
CVE-2026-2789 — CVSS 9.8 (critical): Use-after-free in the Graphics: ImageLib component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8…
CVE-2026-2788 — CVSS 9.8 (critical): Incorrect boundary conditions in the Audio/Video: GMP component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox…
CVE-2026-4711 — CVSS 9.8 (critical): Use-after-free in the Widget: Cocoa component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and…
CVE-2026-5734 — CVSS 9.8 (critical): Memory safety bugs present in Firefox ESR 140.9.0, Thunderbird ESR 140.9.0, Firefox 149.0.1 and Thunderbird 149.0.1. Some of these bugs…
CVE-2026-2787 — CVSS 9.8 (critical): Use-after-free in the DOM: Window and Location component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR…
CVE-2026-2786 — CVSS 9.8 (critical): Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and…
CVE-2026-2785 — CVSS 9.8 (critical): Invalid pointer in the JavaScript Engine component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and…
CVE-2026-2784 — CVSS 9.8 (critical): Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and…
CVE-2026-2782 — CVSS 9.8 (critical): Privilege escalation in the Netmonitor component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and…
CVE-2026-2781 — CVSS 9.8 (critical): Integer overflow in the Libraries component in NSS. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148…
CVE-2026-2780 — CVSS 9.8 (critical): Privilege escalation in the Netmonitor component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and…
CVE-2026-4710 — CVSS 9.8 (critical): Incorrect boundary conditions in the Audio/Video component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird…
CVE-2025-14321 — CVSS 9.8 (critical): Use-after-free in the WebRTC: Signaling component. This vulnerability was fixed in Firefox 146, Firefox ESR 140.6, Thunderbird 146, and…
CVE-2026-2779 — CVSS 9.8 (critical): Incorrect boundary conditions in the Networking: JAR component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird…
CVE-2024-11693 — CVSS 9.8 (critical): The executable file warning was not presented when downloading .library-ms files. *Note: This issue only affected Windows operating…
CVE-2025-14324 — CVSS 9.8 (critical): JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 146, Firefox ESR 115.31, Firefox ESR…
CVE-2026-2777 — CVSS 9.8 (critical): Privilege escalation in the Messaging System component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8…
CVE-2026-4705 — CVSS 9.8 (critical): Undefined behavior in the WebRTC: Signaling component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and…
CVE-2025-14330 — CVSS 9.8 (critical): JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 146, Firefox ESR 140.6, Thunderbird…
CVE-2026-2775 — CVSS 9.8 (critical): Mitigation bypass in the DOM: HTML Parser component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8…
CVE-2026-2774 — CVSS 9.8 (critical): Integer overflow in the Audio/Video component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8…
CVE-2026-4702 — CVSS 9.8 (critical): JIT miscompilation in the JavaScript Engine component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and…
CVE-2026-2773 — CVSS 9.8 (critical): Incorrect boundary conditions in the Web Audio component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR…
CVE-2026-2772 — CVSS 9.8 (critical): Use-after-free in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8…
CVE-2026-2771 — CVSS 9.8 (critical): Undefined behavior in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8…
CVE-2026-2770 — CVSS 9.8 (critical): Use-after-free in the DOM: Bindings (WebIDL) component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8…
CVE-2026-2767 — CVSS 9.8 (critical): Use-after-free in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148…
CVE-2026-12297 — CVSS 9.6 (critical): Sandbox escape due to incorrect boundary conditions in the Networking component. This vulnerability was fixed in Firefox 152, Firefox ESR…
CVE-2026-12295 — CVSS 9.6 (critical): Sandbox escape in the DOM: Navigation component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37…
CVE-2026-12296 — CVSS 9.6 (critical): Sandbox escape in the Security: Process Sandboxing component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird…
CVE-2026-12294 — CVSS 9.6 (critical): Sandbox escape in the DOM: Workers component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37…
CVE-2026-4715 — CVSS 9.1 (critical): Uninitialized memory in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149…
CVE-2025-8037 — CVSS 9.1 (critical): Setting a nameless cookie with an equals sign in the value shadowed other cookies. Even if the nameless cookie was set over HTTP and the…
CVE-2026-12304 — CVSS 9.1 (critical): Same-origin policy bypass in the Networking: Cookies component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12…
CVE-2026-12315 — CVSS 9.1 (critical): Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and…
CVE-2025-6427 — CVSS 9.1 (critical): An attacker was able to bypass the `connect-src` directive of a Content Security Policy by manipulating subdocuments. This would have also…
CVE-2026-4716 — CVSS 9.1 (critical): Incorrect boundary conditions, uninitialized memory in the JavaScript Engine component. This vulnerability was fixed in Firefox 149…
CVE-2025-14329 — CVSS 8.8 (high): Privilege escalation in the Netmonitor component. This vulnerability was fixed in Firefox 146, Firefox ESR 140.6, Thunderbird 146, and…
CVE-2024-10467 — CVSS 8.8 (high): Memory safety bugs present in Firefox 131, Firefox ESR 128.3, and Thunderbird 128.3. Some of these bugs showed evidence of memory…
CVE-2024-11691 — CVSS 8.8 (high): Certain WebGL operations on Apple silicon M series devices could have lead to an out-of-bounds write and memory corruption due to a flaw in…
CVE-2024-11697 — CVSS 8.8 (high): When handling keypress events, an attacker may have been able to trick a user into bypassing the "Open Executable File?" confirmation…
CVE-2024-11699 — CVSS 8.8 (high): Memory safety bugs present in Firefox 132, Firefox ESR 128.4, and Thunderbird 128.4. Some of these bugs showed evidence of memory…
CVE-2025-1010 — CVSS 8.8 (high): An attacker could have caused a use-after-free via the Custom Highlight API, leading to a potentially exploitable crash. This vulnerability…
CVE-2025-1011 — CVSS 8.8 (high): A bug in WebAssembly code generation could have lead to a crash. It may have been possible for an attacker to leverage this to achieve code…
CVE-2025-1014 — CVSS 8.8 (high): Certificate length was not properly checked when added to a certificate store. In practice only trusted data was processed. This…
CVE-2025-11714 — CVSS 8.8 (high): Memory safety bugs present in Firefox ESR 115.28, Firefox ESR 140.3, Thunderbird ESR 140.3, Firefox 143 and Thunderbird 143. Some of these…
CVE-2025-11715 — CVSS 8.8 (high): Memory safety bugs present in Firefox ESR 140.3, Thunderbird ESR 140.3, Firefox 143 and Thunderbird 143. Some of these bugs showed evidence…
CVE-2025-13014 — CVSS 8.8 (high): Use-after-free in the Audio/Video component. This vulnerability was fixed in Firefox 145, Firefox ESR 140.5, Firefox ESR 115.30…
CVE-2025-13020 — CVSS 8.8 (high): Use-after-free in the WebRTC: Audio/Video component. This vulnerability was fixed in Firefox 145, Firefox ESR 140.5, Thunderbird 145, and…
CVE-2025-14323 — CVSS 8.8 (high): Privilege escalation in the DOM: Notifications component. This vulnerability was fixed in Firefox 146, Firefox ESR 115.31, Firefox ESR…
CVE-2025-14328 — CVSS 8.8 (high): Privilege escalation in the Netmonitor component. This vulnerability was fixed in Firefox 146, Firefox ESR 140.6, Thunderbird 146, and…
CVE-2025-1930 — CVSS 8.8 (high): On Windows, a compromised content process could use bad StreamData sent over AudioIPC to trigger a use-after-free in the Browser process…
CVE-2025-2817 — CVSS 8.8 (high): Thunderbird's update mechanism allowed a medium-integrity user process to interfere with the SYSTEM-level updater by manipulating the…
CVE-2025-4919 — CVSS 8.8 (high): An attacker was able to perform an out-of-bounds read or write on a JavaScript object by confusing array index sizes. This vulnerability…
CVE-2025-6426 — CVSS 8.8 (high): The executable file warning did not warn users before opening files with the `terminal` extension. *This bug only affects Firefox for…
CVE-2025-8040 — CVSS 8.8 (high): Memory safety bugs present in Firefox ESR 140.0, Thunderbird ESR 140.0, Firefox 140 and Thunderbird 140. Some of these bugs showed evidence…
CVE-2026-0880 — CVSS 8.8 (high): Sandbox escape due to integer overflow in the Graphics component. This vulnerability was fixed in Firefox 147, Firefox ESR 115.32, Firefox…
CVE-2026-0882 — CVSS 8.8 (high): Use-after-free in the IPC component. This vulnerability was fixed in Firefox 147, Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird 147…
CVE-2026-12289 — CVSS 8.8 (high): Privilege escalation in the Graphics: WebRender component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR…
CVE-2026-12291 — CVSS 8.8 (high): Use-after-free in the Networking: HTTP component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37…
CVE-2026-2447 — CVSS 8.8 (high): Heap buffer overflow in libvpx. This vulnerability was fixed in Firefox 147.0.4, Firefox ESR 140.7.1, Firefox ESR 115.32.1, Thunderbird…
CVE-2026-2769 — CVSS 8.8 (high): Use-after-free in the Storage: IndexedDB component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8…
CVE-2026-5732 — CVSS 8.8 (high): Incorrect boundary conditions, integer overflow in the Graphics: Text component. This vulnerability was fixed in Firefox 149.0.2, Firefox…
CVE-2026-4687 — CVSS 8.6 (high): Sandbox escape due to incorrect boundary conditions in the Telemetry component. This vulnerability was fixed in Firefox 149, Firefox ESR…
CVE-2025-6432 — CVSS 8.6 (high): When Multi-Account Containers was enabled, DNS requests could have bypassed a SOCKS proxy when the domain name was invalid or the SOCKS…
CVE-2026-4690 — CVSS 8.6 (high): Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component. This vulnerability was fixed in Firefox 149…
CVE-2026-12327 — CVSS 8.1 (high): Memory safety bugs present in Firefox ESR 140.11, Thunderbird ESR 140.11, Firefox 151 and Thunderbird 151. Some of these bugs showed…
CVE-2025-5268 — CVSS 8.1 (high): Memory safety bugs present in Firefox 138, Thunderbird 138, Firefox ESR 128.10, and Thunderbird 128.10. Some of these bugs showed evidence…
CVE-2025-6435 — CVSS 8.1 (high): If a user saved a response from the Network tab in Devtools using the Save As context menu option, that file may not have been saved with…
CVE-2025-8032 — CVSS 8.1 (high): XSLT document loading did not correctly propagate the source document which bypassed its CSP. This vulnerability was fixed in Firefox 141…
CVE-2025-9184 — CVSS 8.1 (high): Memory safety bugs present in Firefox ESR 140.1, Thunderbird ESR 140.1, Firefox 141 and Thunderbird 141. Some of these bugs showed evidence…
CVE-2026-0877 — CVSS 8.1 (high): Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 147, Firefox ESR 115.32, Firefox ESR 140.7…
CVE-2025-8030 — CVSS 8.1 (high): Insufficient escaping in the “Copy as cURL” feature could potentially be used to trick a user into executing unexpected code. This…
CVE-2026-4718 — CVSS 8.1 (high): Undefined behavior in the WebRTC: Signaling component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and…
CVE-2025-6436 — CVSS 8.1 (high): Memory safety bugs present in Firefox 139 and Thunderbird 139. Some of these bugs showed evidence of memory corruption and we presume that…
CVE-2025-8029 — CVSS 8.1 (high): Thunderbird executed `javascript:` URLs when used in `object` and `embed` tags. This vulnerability was fixed in Firefox 141, Firefox ESR…
CVE-2025-8039 — CVSS 8.1 (high): In some cases search terms persisted in the URL bar even after navigating away from the search page. This vulnerability was fixed in…
CVE-2025-8036 — CVSS 8.1 (high): Thunderbird cached CORS preflight responses across IP address changes. This allowed circumventing CORS with DNS rebinding. This…
CVE-2025-3030 — CVSS 8.1 (high): Memory safety bugs present in Firefox 136, Thunderbird 136, Firefox ESR 128.8, and Thunderbird 128.8. Some of these bugs showed evidence of…
CVE-2026-12328 — CVSS 8.1 (high): Memory safety bugs present in Firefox ESR 115.36, Firefox ESR 140.11, Thunderbird ESR 140.11, Firefox 151 and Thunderbird 151. Some of…
CVE-2025-13019 — CVSS 8.1 (high): Same-origin policy bypass in the DOM: Workers component. This vulnerability was fixed in Firefox 145, Firefox ESR 140.5, Thunderbird 145…
CVE-2025-9180 — CVSS 8.1 (high): Same-origin policy bypass in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 142, Firefox ESR 115.27, Firefox ESR…
CVE-2025-14333 — CVSS 8.1 (high): Memory safety bugs present in Firefox ESR 140.5, Thunderbird ESR 140.5, Firefox 145 and Thunderbird 145. Some of these bugs showed evidence…
CVE-2025-1932 — CVSS 8.1 (high): An inconsistent comparator in xslt/txNodeSorter could have resulted in potentially exploitable out-of-bounds access. Only affected version…
CVE-2025-5269 — CVSS 8.1 (high): Memory safety bug present in Firefox ESR 128.10, and Thunderbird 128.10. This bug showed evidence of memory corruption and we presume that…
CVE-2026-0891 — CVSS 8.1 (high): Memory safety bugs present in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146. Some of these bugs showed evidence…
CVE-2025-11713 — CVSS 8.1 (high): Insufficient escaping in the “Copy as cURL” feature could have been used to trick a user into executing unexpected code on Windows…
CVE-2026-12290 — CVSS 8.1 (high): Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird…
CVE-2025-13017 — CVSS 8.1 (high): Same-origin policy bypass in the DOM: Notifications component. This vulnerability was fixed in Firefox 145, Firefox ESR 140.5, Thunderbird…
CVE-2026-12292 — CVSS 8.1 (high): Incorrect boundary conditions in the Web Audio component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152…
CVE-2025-13018 — CVSS 8.1 (high): Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 145, Firefox ESR 140.5, Thunderbird 145, and…
CVE-2026-0878 — CVSS 8.0 (high): Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component. This vulnerability was fixed in Firefox 147…
CVE-2025-14322 — CVSS 8.0 (high): Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component. This vulnerability was fixed in Firefox 146…
CVE-2024-43097 — CVSS 7.8 (high): In resizeToAtLeast of SkRegion.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation…
CVE-2025-0241 — CVSS 7.7 (high): When segmenting specially crafted text, segmentation would corrupt memory leading to a potentially exploitable crash. This vulnerability…
CVE-2025-1933 — CVSS 7.6 (high): On 64-bit CPUs, when the JIT compiles WASM i32 return values they can pick up bits from left over memory. This can potentially cause them…
CVE-2026-4708 — CVSS 7.5 (high): Incorrect boundary conditions in the Graphics component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149…
CVE-2025-9182 — CVSS 7.5 (high): Denial-of-service due to out-of-memory in the Graphics: WebRender component. This vulnerability was fixed in Firefox 142, Firefox ESR…
CVE-2026-4719 — CVSS 7.5 (high): Incorrect boundary conditions in the Graphics: Text component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird…
CVE-2025-59375 — CVSS 7.5 (high): libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is submitted for…
CVE-2026-12305 — CVSS 7.5 (high): Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird…
CVE-2026-12310 — CVSS 7.5 (high): Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird…
CVE-2026-12312 — CVSS 7.5 (high): Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird…
CVE-2026-12314 — CVSS 7.5 (high): Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird…
CVE-2025-1937 — CVSS 7.5 (high): Memory safety bugs present in Firefox 135, Thunderbird 135, Firefox ESR 115.20, Firefox ESR 128.7, and Thunderbird 128.7. Some of these…
CVE-2024-10459 — CVSS 7.5 (high): An attacker could have caused a use-after-free when accessibility was enabled, leading to a potentially exploitable crash. This…
CVE-2025-1931 — CVSS 7.5 (high): It was possible to cause a use-after-free in the content process side of a WebTransport connection, leading to a potentially exploitable…
CVE-2024-10458 — CVSS 7.5 (high): A permission leak could have occurred from a trusted site to an untrusted site via `embed` or `object` elements. This vulnerability affects…
CVE-2025-14327 — CVSS 7.5 (high): Spoofing issue in the Downloads Panel component. This vulnerability was fixed in Firefox 146, Thunderbird 146, Firefox ESR 140.7, and…
CVE-2026-2783 — CVSS 7.5 (high): Information disclosure due to JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 148…
CVE-2025-13016 — CVSS 7.5 (high): Incorrect boundary conditions in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 145, Firefox ESR 140.5…
CVE-2025-13012 — CVSS 7.5 (high): Race condition in the Graphics component. This vulnerability was fixed in Firefox 145, Firefox ESR 140.5, Firefox ESR 115.30, Thunderbird…
CVE-2025-1012 — CVSS 7.5 (high): A race during concurrent delazification could have led to a use-after-free. This vulnerability was fixed in Firefox 135, Firefox ESR…
CVE-2026-4684 — CVSS 7.5 (high): Race condition, use-after-free in the Graphics: WebRender component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34…
CVE-2026-4685 — CVSS 7.5 (high): Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox…
CVE-2026-4686 — CVSS 7.5 (high): Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox…
CVE-2026-4693 — CVSS 7.5 (high): Incorrect boundary conditions in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34…
CVE-2026-4694 — CVSS 7.5 (high): Incorrect boundary conditions, integer overflow in the Graphics component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34…
CVE-2026-4695 — CVSS 7.5 (high): Incorrect boundary conditions in the Audio/Video: Web Codecs component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9…
CVE-2026-4697 — CVSS 7.5 (high): Incorrect boundary conditions in the Audio/Video: Web Codecs component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9…
CVE-2026-4699 — CVSS 7.5 (high): Incorrect boundary conditions in the Layout: Text and Fonts component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34…
CVE-2026-4704 — CVSS 7.5 (high): Denial-of-service in the WebRTC: Signaling component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and…
CVE-2026-4706 — CVSS 7.5 (high): Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox…
CVE-2026-4707 — CVSS 7.5 (high): Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox…
CVE-2026-4709 — CVSS 7.5 (high): Incorrect boundary conditions in the Audio/Video: GMP component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox…
CVE-2024-10466 — CVSS 7.5 (high): By sending a specially crafted push message, a remote server could have hung the parent process, causing the browser to become…
CVE-2026-4712 — CVSS 7.5 (high): Information disclosure in the Widget: Cocoa component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and…
CVE-2026-4713 — CVSS 7.5 (high): Incorrect boundary conditions in the Graphics component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149…
CVE-2026-4714 — CVSS 7.5 (high): Incorrect boundary conditions in the Audio/Video component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird…
CVE-2026-12324 — CVSS 7.3 (high): Incorrect boundary conditions in the Graphics: CanvasWebGL component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12…
CVE-2025-3029 — CVSS 7.3 (high): A crafted URL containing specific Unicode characters could have hidden the true origin of the page, resulting in a potential spoofing…
CVE-2025-14325 — CVSS 7.3 (high): JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 146, Firefox ESR 140.6, Thunderbird…
CVE-2025-1936 — CVSS 7.3 (high): jar: URLs retrieve local file content packaged in a ZIP archive. The null and everything after it was ignored when retrieving the content…
CVE-2026-12302 — CVSS 6.5 (medium): Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37…
CVE-2025-14331 — CVSS 6.5 (medium): Same-origin policy bypass in the Request Handling component. This vulnerability was fixed in Firefox 146, Firefox ESR 115.31, Firefox ESR…
CVE-2025-8027 — CVSS 6.5 (medium): On 64-bit platforms IonMonkey-JIT only wrote 32 bits of the 64-bit return value space on the stack. Baseline-JIT, however, read the entire…
CVE-2025-6429 — CVSS 6.5 (medium): Firefox could have incorrectly parsed a URL and rewritten it to the youtube.com domain when parsing the URL specified in an `embed` tag…
CVE-2025-9183 — CVSS 6.5 (medium): Spoofing issue in the Address Bar component. This vulnerability was fixed in Firefox 142 and Firefox ESR 140.2.
CVE-2025-8033 — CVSS 6.5 (medium): The JavaScript engine did not handle closed generators correctly and it was possible to resume them leading to a nullptr deref. This…
CVE-2024-10462 — CVSS 6.5 (medium): Truncation of a long URL could have allowed origin spoofing in a permission prompt. This vulnerability affects Firefox < 132, Firefox ESR <…
CVE-2025-11711 — CVSS 6.5 (medium): There was a way to change the value of JavaScript Object properties that were supposed to be non-writeable. This vulnerability was fixed in…
CVE-2025-1013 — CVSS 6.5 (medium): A race condition could have led to private browsing tabs being opened in normal browsing windows. This could have resulted in a potential…
CVE-2024-10465 — CVSS 6.5 (medium): A clipboard "paste" button could persist across tabs which allowed a spoofing attack. This vulnerability affects Firefox < 132, Firefox ESR…
CVE-2024-10464 — CVSS 6.5 (medium): Repeated writes to history interface attributes could have been used to cause a Denial of Service condition in the browser. This was…
CVE-2025-9181 — CVSS 6.5 (medium): Uninitialized memory in the JavaScript Engine component. This vulnerability was fixed in Firefox 142, Firefox ESR 128.14, Firefox ESR…
CVE-2024-10463 — CVSS 6.5 (medium): Video frames could have been leaked between origins in some situations. This vulnerability affects Firefox < 132, Firefox ESR < 128.4…
CVE-2026-12309 — CVSS 6.5 (medium): Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird…
CVE-2026-12325 — CVSS 6.5 (medium): Denial-of-service in the Graphics: ImageLib component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37…
CVE-2025-3028 — CVSS 6.5 (medium): JavaScript code running while transforming a document with the XSLTProcessor could lead to a use-after-free. This vulnerability was fixed…