MITRE ATT&CK CVE list for this attack path. Use risk scores and timeline to decide what to patch first and what to track next.
| CVE | 描述 | 最高 CVSS | EPSS % | 公开时间 | 更新时间 |
|---|---|---|---|---|---|
| CVE-2026-42488 | Some shadow paging errors paths will switch the page-tables without updating the currently running vCPU reference. This causes a mismatch between the loaded page-tables and the mapcache metadata which can lead to corruption of the mapcache. | 8.1 | 无 | 2026-06-18 | 2026-06-18 |
| CVE-2026-12317 | Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152 and Thunderbird 152. | 7.5 | 0.31% | 2026-06-16 | 2026-06-18 |
| CVE-2026-12314 | Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12. | 7.5 | 0.27% | 2026-06-16 | 2026-06-18 |
| CVE-2026-12312 | Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12. | 7.5 | 0.27% | 2026-06-16 | 2026-06-18 |
| CVE-2026-12310 | Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12. | 7.5 | 0.27% | 2026-06-16 | 2026-06-18 |
| CVE-2026-12309 | Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12. | 6.5 | 0.24% | 2026-06-16 | 2026-06-18 |
| CVE-2026-12308 | Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12. | 5.3 | 0.28% | 2026-06-16 | 2026-06-18 |
| CVE-2026-12307 | Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12. | 5.3 | 0.28% | 2026-06-16 | 2026-06-18 |
| CVE-2026-12306 | Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12. | 5.3 | 0.28% | 2026-06-16 | 2026-06-18 |
| CVE-2026-12305 | Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12. | 7.5 | 0.40% | 2026-06-16 | 2026-06-18 |
| CVE-2026-12301 | Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152 and Thunderbird 152. | 5.3 | 0.27% | 2026-06-16 | 2026-06-18 |
| CVE-2026-12300 | Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152 and Thunderbird 152. | 5.3 | 0.27% | 2026-06-16 | 2026-06-18 |
| CVE-2026-12297 | Sandbox escape due to incorrect boundary conditions in the Networking component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12. | 9.6 | 0.31% | 2026-06-16 | 2026-06-18 |
| CVE-2026-12292 | Incorrect boundary conditions in the Web Audio component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12. | 8.1 | 0.28% | 2026-06-16 | 2026-06-18 |
| CVE-2026-12290 | Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12. | 8.1 | 0.29% | 2026-06-16 | 2026-06-18 |
| CVE-2026-12222 | A vulnerability was determined in Yealink SIP-T46U 108.86.0.118. Affected is the function mod_webd.BlueToothTest of the file /api/inner/bttest of the component Web FastCGI Service. Executing a manipulation of the argument btMac/pin/reserved can lead to stack-based buffer overflow. The attack needs to be done within the local network. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way. | 7.3 | 0.37% | 2026-06-15 | 2026-06-15 |
| CVE-2026-12221 | A vulnerability was found in Yealink SIP-T46U 108.86.0.118. This impacts the function sprintf of the file /api/upgrade/upgrade of the component Firmware Chunk Upload Handler. Performing a manipulation of the argument uid/start_offset results in stack-based buffer overflow. The attack needs to be approached within the local network. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way. | 7.3 | 0.37% | 2026-06-15 | 2026-06-15 |
| CVE-2026-12220 | A vulnerability has been found in Yealink SIP-T46U 108.86.0.118. This affects the function mod_upgrade.SparePartsUpload of the file /api/upgrade/accupgradebychunk of the component Firmware Chunk Upload handler. Such manipulation of the argument uid leads to stack-based buffer overflow. The attack can only be initiated within the local network. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | 7.3 | 0.37% | 2026-06-15 | 2026-06-15 |
| CVE-2026-12218 | A vulnerability was detected in Yealink SIP-T46U 108.87.50.1. The affected element is the function StartReportInformation of the file /api/inner/beforewifitest of the component Web FastCGI Service. The manipulation of the argument port results in stack-based buffer overflow. Access to the local network is required for this attack. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | 7.3 | 0.37% | 2026-06-15 | 2026-06-15 |
| CVE-2026-12216 | A weakness has been identified in svaarala duktape up to 2.99.99. This issue affects some unknown processing of the file duk_api_bytecode.c. Executing a manipulation of the argument count_instr can lead to memory corruption. The attack requires local access. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way. | 1.9 | 0.11% | 2026-06-15 | 2026-06-15 |