Total CVEs

142,027

Critical Severity

3,943

High Severity

14,108

Last 7 Days

1,724
Quick preset (or use dates below)
Clear Filters
πŸ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years β†’
Showing 5,001 - 5,020 of 38,432 CVEs
CVE-2026-12307 MEDIUM - 5.3

Memory safety bug fixed in Thunderbird 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12.

Vendor: Mozilla
Product: Firefox
Published: Jun 16, 2026
Source: NVD
CVE-2026-12306 MEDIUM - 5.3

Memory safety bug fixed in Thunderbird 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12.

Vendor: Mozilla
Product: Firefox
Published: Jun 16, 2026
Source: NVD
CVE-2026-12305 HIGH - 7.5

Memory safety bug fixed in Thunderbird 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12.

Vendor: Mozilla
Product: Firefox
Published: Jun 16, 2026
Source: NVD
CVE-2026-12304 CRITICAL - 9.1

Same-origin policy bypass in the Networking: Cookies component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12.

Vendor: Mozilla
Product: Firefox
Published: Jun 16, 2026
Source: NVD
CVE-2026-12303 MEDIUM - 4.3

Information disclosure due to incorrect boundary conditions in the Graphics: WebGPU component. This vulnerability was fixed in Firefox 152 and Thunderbird 152.

Vendor: Mozilla
Product: Firefox
Published: Jun 16, 2026
Source: NVD
CVE-2026-12302 MEDIUM - 6.5

Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12.

Vendor: Mozilla
Product: Firefox
Published: Jun 16, 2026
Source: NVD
CVE-2026-12301 MEDIUM - 5.3

Memory safety bug fixed in Thunderbird 152. This vulnerability was fixed in Firefox 152 and Thunderbird 152.

Vendor: Mozilla
Product: Firefox
Published: Jun 16, 2026
Source: NVD
CVE-2026-12300 MEDIUM - 5.3

Memory safety bug fixed in Thunderbird 152. This vulnerability was fixed in Firefox 152 and Thunderbird 152.

Vendor: Mozilla
Product: Firefox
Published: Jun 16, 2026
Source: NVD
CVE-2026-12299 MEDIUM - 5.4

JIT miscompilation in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12.

Vendor: Mozilla
Product: Firefox
Published: Jun 16, 2026
Source: NVD
CVE-2026-12298 MEDIUM - 5.4

Memory safety bug fixed in Thunderbird 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12.

Vendor: Mozilla
Product: Firefox
Published: Jun 16, 2026
Source: NVD
CVE-2026-12297 CRITICAL - 9.6

Sandbox escape due to incorrect boundary conditions in the Networking component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12.

Vendor: Mozilla
Product: Firefox
Published: Jun 16, 2026
Source: NVD
CVE-2026-12296 CRITICAL - 9.6

Sandbox escape in the Security: Process Sandboxing component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12.

Vendor: Mozilla
Product: Firefox
Published: Jun 16, 2026
Source: NVD
CVE-2026-12295 CRITICAL - 9.6

Sandbox escape in the DOM: Navigation component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12.

Vendor: Mozilla
Product: Firefox
Published: Jun 16, 2026
Source: NVD
CVE-2026-12294 CRITICAL - 9.6

Sandbox escape in the DOM: Workers component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12.

Vendor: Mozilla
Product: Firefox
Published: Jun 16, 2026
Source: NVD
CVE-2026-12293 CRITICAL - 9.8

Use-after-free in the Graphics: WebGPU component. This vulnerability was fixed in Firefox 152 and Thunderbird 152.

Vendor: Mozilla
Product: Firefox
Published: Jun 16, 2026
Source: NVD
CVE-2026-12292 HIGH - 8.1

Incorrect boundary conditions in the Web Audio component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12.

Vendor: Mozilla
Product: Firefox
Published: Jun 16, 2026
Source: NVD
CVE-2026-12291 HIGH - 8.8

Use-after-free in the Networking: HTTP component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12.

Vendor: Mozilla
Product: Firefox
Published: Jun 16, 2026
Source: NVD
CVE-2026-12290 HIGH - 8.1

Memory safety bug fixed in Thunderbird 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12.

Vendor: Mozilla
Product: Firefox
Published: Jun 16, 2026
Source: NVD
CVE-2026-12289 HIGH - 8.8

Privilege escalation in the Graphics: WebRender component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12.

Vendor: Mozilla
Product: Firefox
Published: Jun 16, 2026
Source: NVD

A heap buffer overflow vulnerability exists in the Jansi JNI "ioctl()" wrapper due to a lack of size verification for the argument array before the system call. This can lead to heap corruption and application crashes (DoS). All versions are believed to be vulnerable.Β This project is unmai...

Published: Jun 16, 2026
Source: NVD