Total CVEs

138,714

Critical Severity

3,596

High Severity

12,883

Last 7 Days

1,753
Quick preset (or use dates below)
Clear Filters
๐Ÿ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years โ†’
Showing 2,641 - 2,660 of 3,469 CVEs
CVE-2026-2780 CRITICAL - 9.8

Privilege escalation in the Netmonitor component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.

Vendor: mozilla
Product: firefox
Published: Feb 24, 2026
Source: NVD
CVE-2026-2779 CRITICAL - 9.8

Incorrect boundary conditions in the Networking: JAR component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.

Vendor: mozilla
Product: firefox
Published: Feb 24, 2026
Source: NVD
CVE-2026-2778 CRITICAL - 10.0

Sandbox escape due to incorrect boundary conditions in the DOM: Core & HTML component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.

Vendor: mozilla
Product: firefox
Published: Feb 24, 2026
Source: NVD
CVE-2026-2777 CRITICAL - 9.8

Privilege escalation in the Messaging System component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.

Vendor: mozilla
Product: firefox
Published: Feb 24, 2026
Source: NVD
CVE-2026-2776 CRITICAL - 10.0

Sandbox escape due to incorrect boundary conditions in the Telemetry component in External Software. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.

Vendor: mozilla
Product: firefox
Published: Feb 24, 2026
Source: NVD
CVE-2026-2775 CRITICAL - 9.8

Mitigation bypass in the DOM: HTML Parser component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.

Vendor: mozilla
Product: firefox
Published: Feb 24, 2026
Source: NVD
CVE-2026-2774 CRITICAL - 9.8

Integer overflow in the Audio/Video component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.

Vendor: mozilla
Product: firefox
Published: Feb 24, 2026
Source: NVD
CVE-2026-2773 CRITICAL - 9.8

Incorrect boundary conditions in the Web Audio component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.

Vendor: mozilla
Product: firefox
Published: Feb 24, 2026
Source: NVD
CVE-2026-2772 CRITICAL - 9.8

Use-after-free in the Audio/Video: Playback component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.

Vendor: mozilla
Product: firefox
Published: Feb 24, 2026
Source: NVD
CVE-2026-2771 CRITICAL - 9.8

Undefined behavior in the DOM: Core & HTML component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.

Vendor: mozilla
Product: firefox
Published: Feb 24, 2026
Source: NVD
CVE-2026-2770 CRITICAL - 9.8

Use-after-free in the DOM: Bindings (WebIDL) component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.

Vendor: mozilla
Product: firefox
Published: Feb 24, 2026
Source: NVD
CVE-2026-2768 CRITICAL - 10.0

Sandbox escape in the Storage: IndexedDB component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.

Vendor: mozilla
Product: firefox
Published: Feb 24, 2026
Source: NVD
CVE-2026-2767 CRITICAL - 9.8

Use-after-free in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.

Vendor: mozilla
Product: firefox
Published: Feb 24, 2026
Source: NVD
CVE-2026-2766 CRITICAL - 9.8

Use-after-free in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.

Vendor: mozilla
Product: firefox
Published: Feb 24, 2026
Source: NVD
CVE-2026-2765 CRITICAL - 9.8

Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.

Vendor: mozilla
Product: firefox
Published: Feb 24, 2026
Source: NVD
CVE-2026-2764 CRITICAL - 9.8

JIT miscompilation, use-after-free in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.

Vendor: mozilla
Product: firefox
Published: Feb 24, 2026
Source: NVD
CVE-2026-2763 CRITICAL - 9.8

Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.

Vendor: mozilla
Product: firefox
Published: Feb 24, 2026
Source: NVD
CVE-2026-2762 CRITICAL - 9.8

Integer overflow in the JavaScript: Standard Library component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.

Vendor: mozilla
Product: firefox
Published: Feb 24, 2026
Source: NVD
CVE-2026-2761 CRITICAL - 10.0

Sandbox escape in the Graphics: WebRender component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.

Vendor: mozilla
Product: firefox
Published: Feb 24, 2026
Source: NVD
CVE-2026-2760 CRITICAL - 10.0

Sandbox escape due to incorrect boundary conditions in the Graphics: WebRender component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.

Vendor: mozilla
Product: firefox
Published: Feb 24, 2026
Source: NVD