Aggregates CVE and security vulnerability intelligence across all Mozilla-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk path handling and vendor risk input validation and related problems; some flaws may lead to vendor impact unexpected behavior, affecting vendor surface production workloads scenarios.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2026-12313 | Information disclosure, sandbox escape in the Security: Process Sandboxing component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12. | [email protected] | 4.7 | 0.18% | 2026-06-16 | 2026-06-17 |
| CVE-2026-12312 | Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12. | [email protected] | 7.5 | 0.27% | 2026-06-16 | 2026-06-18 |
| CVE-2026-12311 | Information disclosure, sandbox escape in the Security: Process Sandboxing component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12. | [email protected] | 4.7 | 0.18% | 2026-06-16 | 2026-06-17 |
| CVE-2026-12310 | Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12. | [email protected] | 7.5 | 0.27% | 2026-06-16 | 2026-06-18 |
| CVE-2026-12309 | Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12. | [email protected] | 6.5 | 0.24% | 2026-06-16 | 2026-06-18 |
| CVE-2026-12308 | Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12. | [email protected] | 5.3 | 0.28% | 2026-06-16 | 2026-06-18 |
| CVE-2026-12307 | Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12. | [email protected] | 5.3 | 0.28% | 2026-06-16 | 2026-06-18 |
| CVE-2026-12306 | Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12. | [email protected] | 5.3 | 0.28% | 2026-06-16 | 2026-06-18 |
| CVE-2026-12305 | Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12. | [email protected] | 7.5 | 0.40% | 2026-06-16 | 2026-06-18 |
| CVE-2026-12304 | Same-origin policy bypass in the Networking: Cookies component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12. | [email protected] | 9.1 | 0.19% | 2026-06-16 | 2026-06-17 |
| CVE-2026-12303 | Information disclosure due to incorrect boundary conditions in the Graphics: WebGPU component. This vulnerability was fixed in Firefox 152 and Thunderbird 152. | [email protected] | 4.3 | 0.22% | 2026-06-16 | 2026-06-17 |
| CVE-2026-12302 | Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12. | [email protected] | 6.5 | 0.25% | 2026-06-16 | 2026-06-17 |
| CVE-2026-12301 | Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152 and Thunderbird 152. | [email protected] | 5.3 | 0.27% | 2026-06-16 | 2026-06-18 |
| CVE-2026-12300 | Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152 and Thunderbird 152. | [email protected] | 5.3 | 0.27% | 2026-06-16 | 2026-06-18 |
| CVE-2026-12299 | JIT miscompilation in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12. | [email protected] | 5.4 | 0.31% | 2026-06-16 | 2026-06-30 |
| CVE-2026-12298 | Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12. | [email protected] | 5.4 | 0.31% | 2026-06-16 | 2026-06-30 |
| CVE-2026-12297 | Sandbox escape due to incorrect boundary conditions in the Networking component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12. | [email protected] | 9.6 | 0.39% | 2026-06-16 | 2026-06-30 |
| CVE-2026-12296 | Sandbox escape in the Security: Process Sandboxing component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12. | [email protected] | 9.6 | 0.39% | 2026-06-16 | 2026-06-30 |
| CVE-2026-12295 | Sandbox escape in the DOM: Navigation component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12. | [email protected] | 9.6 | 0.39% | 2026-06-16 | 2026-06-30 |
| CVE-2026-12294 | Sandbox escape in the DOM: Workers component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12. | [email protected] | 9.6 | 0.36% | 2026-06-16 | 2026-06-30 |