Skip to content

#mozilla

28 articles

Security Alerts May 19, 2026

CVE-2026-8948: Same-Origin Policy Bypass in Mozilla Firefox

Same-origin policy bypass in the DOM: Networking component. This vulnerability was fixed in Firefox 151....

Security Alerts May 19, 2026

CVE-2026-8950: Same-Origin Policy Bypass in Mozilla Firefox

Same-origin policy bypass in the Networking: HTTP component. This vulnerability was fixed in Firefox 151 and Firefox ESR 140.11....

Security Alerts May 19, 2026

CVE-2026-8953: Use-after-free sandbox escape in Mozilla Firefox

Sandbox escape due to use-after-free in the Disability Access APIs component. This vulnerability was fixed in Firefox 151, Firefox ESR 115.36, and Firefox ESR 140.11....

Security Alerts May 19, 2026

CVE-2026-8956: Integer Overflow in Mozilla Firefox

Integer overflow in the Networking: JAR component. This vulnerability was fixed in Firefox 151 and Firefox ESR 140.11....

Security Alerts May 19, 2026

CVE-2026-8959: Sandbox Escape in Mozilla Firefox

Sandbox escape due to incorrect boundary conditions in the Widget: Win32 component. This vulnerability was fixed in Firefox 151 and Firefox ESR 140.11....

Security Alerts May 19, 2026

CVE-2026-8973: Memory safety bugs in Mozilla Firefox

Memory safety bugs present in Firefox 150. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code....

Security Alerts May 19, 2026

CVE-2026-8974: Memory safety bugs in Mozilla Firefox

Memory safety bugs present in Firefox ESR 140.10 and Firefox 150. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited...

Security Alerts May 19, 2026

CVE-2026-8975: Memory safety bugs in Mozilla Firefox

Memory safety bugs present in Firefox ESR 115.35, Firefox ESR 140.10 and Firefox 150. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could...

Security Alerts Apr 28, 2026

CVE-2026-7321: Sandbox escape in Mozilla Firefox ESR via WebRTC Networking

Sandbox escape in Mozilla Firefox ESR caused by incorrect boundary conditions in the WebRTC: Networking component. The vulnerability was fixed in Firefox ESR 140.10.1.

Security Alerts Apr 21, 2026

CVE-2026-6768: Mitigation bypass in Firefox Networking Cookies component

Mitigation bypass in the Networking: Cookies component. This vulnerability was fixed in Firefox 150....

Security Alerts Apr 7, 2026

CVE-2026-5731: Memory corruption in Mozilla Firefox

Memory safety bugs present in Firefox ESR 115.34.0, Firefox ESR 140.9.0, Thunderbird ESR 140.9.0, Firefox 149.0.1 and Thunderbird 149.0.1. Some of these bugs showed evidence of memory corruption and w...

Security Alerts Apr 7, 2026

CVE-2026-5734: Memory corruption in Mozilla Firefox

Memory safety bugs present in Firefox ESR 140.9.0, Thunderbird ESR 140.9.0, Firefox 149.0.1 and Thunderbird 149.0.1. Some of these bugs showed evidence of memory corruption and we presume that with en...

Security Alerts Apr 7, 2026

CVE-2026-5735: Memory corruption in Mozilla Firefox

Memory safety bugs present in Firefox 149.0.1 and Thunderbird 149.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been expl...

Security Alerts Feb 2, 2026

CVE-2026-4688: Critical Vulnerability in Mozilla Firefox - Immediate Update Required

Sandbox escape due to use-after-free in the Disability Access APIs component. This vulnerability affects Firefox < 149 and Firefox ESR < 140.9....

Security Alerts Feb 1, 2026

CVE-2026-4691: Critical Vulnerability in Mozilla Firefox - Immediate Update Required

Use-after-free in the CSS Parsing and Computation component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, and Firefox ESR < 140.9....

Security Alerts Jan 31, 2026

CVE-2026-4696: Critical Vulnerability in Mozilla Firefox - Immediate Update Required

Use-after-free in the Layout: Text and Fonts component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, and Firefox ESR < 140.9....

Security Alerts Jan 30, 2026

CVE-2026-4698: Critical Vulnerability in Mozilla Firefox - Immediate Update Required

JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, and Firefox ESR < 140.9....

Security Alerts Jan 29, 2026

CVE-2026-4700: Critical Vulnerability in Mozilla Firefox - Immediate Update Required

Mitigation bypass in the Networking: HTTP component. This vulnerability affects Firefox < 149 and Firefox ESR < 140.9....

Security Alerts Jan 28, 2026

CVE-2026-4701: Critical Vulnerability in Mozilla Firefox - Immediate Update Required

Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 149 and Firefox ESR < 140.9....

Security Alerts Jan 27, 2026

CVE-2026-4702: Critical Vulnerability in Mozilla Firefox - Immediate Update Required

JIT miscompilation in the JavaScript Engine component. This vulnerability affects Firefox < 149 and Firefox ESR < 140.9....

Security Alerts Jan 26, 2026

CVE-2026-4705: Critical Vulnerability in Mozilla Firefox - Immediate Update Required

Undefined behavior in the WebRTC: Signaling component. This vulnerability affects Firefox < 149 and Firefox ESR < 140.9....

Security Alerts Jan 25, 2026

CVE-2026-4711: Critical Vulnerability in Mozilla Firefox - Immediate Update Required

Use-after-free in the Widget: Cocoa component. This vulnerability affects Firefox < 149 and Firefox ESR < 140.9....

Security Alerts Jan 24, 2026

CVE-2026-4715: Critical Vulnerability in Mozilla Firefox - Immediate Update Required

Uninitialized memory in the Graphics: Canvas2D component. This vulnerability affects Firefox < 149 and Firefox ESR < 140.9....

Security Alerts Jan 23, 2026

CVE-2026-4716: Critical Vulnerability in Mozilla Firefox - Immediate Update Required

Incorrect boundary conditions, uninitialized memory in the JavaScript Engine component. This vulnerability affects Firefox < 149 and Firefox ESR < 140.9....

Security Alerts Jan 22, 2026

CVE-2026-4717: Critical Vulnerability in Mozilla Firefox - Immediate Update Required

Privilege escalation in the Netmonitor component. This vulnerability affects Firefox < 149 and Firefox ESR < 140.9....

Security Alerts Jan 21, 2026

CVE-2026-4720: Memory corruption in Mozilla Firefox

Memory safety bugs present in Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148. Some of these bugs showed evidence of memory corruption and we presume that with enough effort ...

Security Alerts Jan 20, 2026

CVE-2026-4723: Critical Vulnerability in Mozilla Firefox - Immediate Update Required

Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 149....

Security Alerts Jan 19, 2026

CVE-2026-4725: Critical Vulnerability in Mozilla Firefox - Immediate Update Required

Sandbox escape due to use-after-free in the Graphics: Canvas2D component. This vulnerability affects Firefox < 149....