Total CVEs

140,426

Critical Severity

3,747

High Severity

13,550

Last 7 Days

1,486
Quick preset (or use dates below)
Clear Filters
πŸ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years β†’
Showing 3,401 - 3,420 of 36,831 CVEs
CVE-2026-12306 MEDIUM - 5.3

Memory safety bug fixed in Thunderbird 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12.

Vendor: Mozilla
Product: Firefox
Published: Jun 16, 2026
Source: NVD
CVE-2026-12305 HIGH - 7.5

Memory safety bug fixed in Thunderbird 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12.

Vendor: Mozilla
Product: Firefox
Published: Jun 16, 2026
Source: NVD
CVE-2026-12304 CRITICAL - 9.1

Same-origin policy bypass in the Networking: Cookies component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12.

Vendor: Mozilla
Product: Firefox
Published: Jun 16, 2026
Source: NVD
CVE-2026-12303 MEDIUM - 4.3

Information disclosure due to incorrect boundary conditions in the Graphics: WebGPU component. This vulnerability was fixed in Firefox 152 and Thunderbird 152.

Vendor: Mozilla
Product: Firefox
Published: Jun 16, 2026
Source: NVD
CVE-2026-12302 MEDIUM - 6.5

Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12.

Vendor: Mozilla
Product: Firefox
Published: Jun 16, 2026
Source: NVD
CVE-2026-12301 MEDIUM - 5.3

Memory safety bug fixed in Thunderbird 152. This vulnerability was fixed in Firefox 152 and Thunderbird 152.

Vendor: Mozilla
Product: Firefox
Published: Jun 16, 2026
Source: NVD
CVE-2026-12300 MEDIUM - 5.3

Memory safety bug fixed in Thunderbird 152. This vulnerability was fixed in Firefox 152 and Thunderbird 152.

Vendor: Mozilla
Product: Firefox
Published: Jun 16, 2026
Source: NVD
CVE-2026-12299 MEDIUM - 5.4

JIT miscompilation in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12.

Vendor: Mozilla
Product: Firefox
Published: Jun 16, 2026
Source: NVD
CVE-2026-12298 MEDIUM - 5.4

Memory safety bug fixed in Thunderbird 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12.

Vendor: Mozilla
Product: Firefox
Published: Jun 16, 2026
Source: NVD
CVE-2026-12297 CRITICAL - 9.6

Sandbox escape due to incorrect boundary conditions in the Networking component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12.

Vendor: Mozilla
Product: Firefox
Published: Jun 16, 2026
Source: NVD
CVE-2026-12296 CRITICAL - 9.6

Sandbox escape in the Security: Process Sandboxing component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12.

Vendor: Mozilla
Product: Firefox
Published: Jun 16, 2026
Source: NVD
CVE-2026-12295 CRITICAL - 9.6

Sandbox escape in the DOM: Navigation component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12.

Vendor: Mozilla
Product: Firefox
Published: Jun 16, 2026
Source: NVD
CVE-2026-12294 CRITICAL - 9.6

Sandbox escape in the DOM: Workers component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12.

Vendor: Mozilla
Product: Firefox
Published: Jun 16, 2026
Source: NVD
CVE-2026-12293 CRITICAL - 9.8

Use-after-free in the Graphics: WebGPU component. This vulnerability was fixed in Firefox 152 and Thunderbird 152.

Vendor: Mozilla
Product: Firefox
Published: Jun 16, 2026
Source: NVD
CVE-2026-12292 HIGH - 8.1

Incorrect boundary conditions in the Web Audio component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12.

Vendor: Mozilla
Product: Firefox
Published: Jun 16, 2026
Source: NVD
CVE-2026-12291 HIGH - 8.8

Use-after-free in the Networking: HTTP component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12.

Vendor: Mozilla
Product: Firefox
Published: Jun 16, 2026
Source: NVD
CVE-2026-12290 HIGH - 8.1

Memory safety bug fixed in Thunderbird 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12.

Vendor: Mozilla
Product: Firefox
Published: Jun 16, 2026
Source: NVD
CVE-2026-12289 HIGH - 8.8

Privilege escalation in the Graphics: WebRender component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12.

Vendor: Mozilla
Product: Firefox
Published: Jun 16, 2026
Source: NVD

A heap buffer overflow vulnerability exists in the Jansi JNI "ioctl()" wrapper due to a lack of size verification for the argument array before the system call. This can lead to heap corruption and application crashes (DoS). All versions are believed to be vulnerable.Β This project is unmai...

Published: Jun 16, 2026
Source: NVD
CVE-2026-40750 CRITICAL - 9.9

Unrestricted Upload of File with Dangerous Type vulnerability in themagnifico52 Kids Online Store allows Upload a Web Shell to a Web Server. This issue affects Kids Online Store: from n/a through 0.8.9.

Vendor: themagnifico52
Product: Kids Online Store
Published: Jun 16, 2026
Source: NVD