聚合 NVD、CVE 及多源情資,深度解析 RCE 等高危風險。系統整合 CVSS 與 EPSS 模型,動態追蹤 Exploit 資源與 PoC 公開狀態,研判可利用性。結合官方修補與修復方案,優化漏洞管理優先級,縮短回應週期,保障資產安全。
指派機構(CNA / 來源):[email protected] 移除此篩選
| CVE | 描述 | 最高 CVSS | EPSS % | 公開時間 | 更新時間 |
|---|---|---|---|---|---|
| CVE-2026-4719 | Incorrect boundary conditions in the Graphics: Text component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9. | 7.5 | 0.43% | 2026-03-24 | 2026-06-17 |
| CVE-2026-4718 | Undefined behavior in the WebRTC: Signaling component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9. | 8.1 | 0.30% | 2026-03-24 | 2026-06-17 |
| CVE-2026-4717 | Privilege escalation in the Netmonitor component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9. | 9.8 | 0.42% | 2026-03-24 | 2026-06-17 |
| CVE-2026-4716 | Incorrect boundary conditions, uninitialized memory in the JavaScript Engine component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9. | 9.1 | 0.41% | 2026-03-24 | 2026-06-17 |
| CVE-2026-4715 | Uninitialized memory in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9. | 9.1 | 0.43% | 2026-03-24 | 2026-06-17 |
| CVE-2026-4714 | Incorrect boundary conditions in the Audio/Video component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9. | 7.5 | 0.43% | 2026-03-24 | 2026-06-17 |
| CVE-2026-4713 | Incorrect boundary conditions in the Graphics component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9. | 7.5 | 0.43% | 2026-03-24 | 2026-06-17 |
| CVE-2026-4712 | Information disclosure in the Widget: Cocoa component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9. | 7.5 | 0.39% | 2026-03-24 | 2026-06-17 |
| CVE-2026-4711 | Use-after-free in the Widget: Cocoa component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9. | 9.8 | 0.40% | 2026-03-24 | 2026-06-17 |
| CVE-2026-4710 | Incorrect boundary conditions in the Audio/Video component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9. | 9.8 | 0.41% | 2026-03-24 | 2026-06-17 |
| CVE-2026-4709 | Incorrect boundary conditions in the Audio/Video: GMP component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9. | 7.5 | 0.46% | 2026-03-24 | 2026-06-17 |
| CVE-2026-4708 | Incorrect boundary conditions in the Graphics component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9. | 7.5 | 0.43% | 2026-03-24 | 2026-06-17 |
| CVE-2026-4707 | Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9. | 7.5 | 0.58% | 2026-03-24 | 2026-06-17 |
| CVE-2026-4706 | Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9. | 7.5 | 0.45% | 2026-03-24 | 2026-06-17 |
| CVE-2026-4705 | Undefined behavior in the WebRTC: Signaling component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9. | 9.8 | 0.42% | 2026-03-24 | 2026-06-17 |
| CVE-2026-4704 | Denial-of-service in the WebRTC: Signaling component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9. | 7.5 | 0.41% | 2026-03-24 | 2026-06-17 |
| CVE-2026-4702 | JIT miscompilation in the JavaScript Engine component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9. | 9.8 | 0.47% | 2026-03-24 | 2026-06-17 |
| CVE-2026-4701 | Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9. | 9.8 | 0.46% | 2026-03-24 | 2026-06-17 |
| CVE-2026-4700 | Mitigation bypass in the Networking: HTTP component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9. | 9.8 | 0.46% | 2026-03-24 | 2026-06-29 |
| CVE-2026-4699 | Incorrect boundary conditions in the Layout: Text and Fonts component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9. | 7.5 | 0.69% | 2026-03-24 | 2026-06-29 |