Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
21903
Total
1562
Critical
6654
High
7000
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-53899 | MEDIUM | 6.5 | Firefox for iOS used partial domain matching when attaching cookies to PDF requests, allowing a malicious site on a suffix domain to receive cookies belonging … | Jun 16, 2026 |
| CVE-2026-12330 | MEDIUM | 5.4 | Incorrect boundary conditions in the Internationalization component. This vulnerability was fixed in Firefox ESR 140.12, Firefox ESR 115.37, and Thunderbird 140.12. | Jun 16, 2026 |
| CVE-2026-12329 | MEDIUM | 5.3 | Memory safety bug fixed in Thunderbird ESR 140.12. This vulnerability was fixed in Firefox ESR 140.12 and Thunderbird 140.12. | Jun 16, 2026 |
| CVE-2026-12328 | HIGH | 8.1 | Memory safety bugs present in Firefox ESR 115.36, Firefox ESR 140.11, Thunderbird ESR 140.11, Firefox 151 and Thunderbird 151. Some of these bugs showed evidence … | Jun 16, 2026 |
| CVE-2026-12327 | HIGH | 7.3 | Memory safety bugs present in Firefox ESR 140.11, Thunderbird ESR 140.11, Firefox 151 and Thunderbird 151. Some of these bugs showed evidence of memory corruption … | Jun 16, 2026 |
| CVE-2026-12326 | HIGH | 7.3 | Memory safety bugs present in Firefox 151 and Thunderbird 151. Some of these bugs showed evidence of memory corruption and we presume that with enough … | Jun 16, 2026 |
| CVE-2026-12325 | MEDIUM | 6.5 | Denial-of-service in the Graphics: ImageLib component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12. | Jun 16, 2026 |
| CVE-2026-12324 | HIGH | 7.3 | Incorrect boundary conditions in the Graphics: CanvasWebGL component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12. | Jun 16, 2026 |
| CVE-2026-12323 | MEDIUM | 5.4 | Spoofing issue in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 152 and Thunderbird 152. | Jun 16, 2026 |
| CVE-2026-12322 | MEDIUM | 5.4 | Clickjacking issue in the Widget: Gtk component. This vulnerability was fixed in Firefox 152 and Thunderbird 152. | Jun 16, 2026 |
| CVE-2026-12321 | MEDIUM | 5.4 | JIT miscompilation in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 152 and Thunderbird 152. | Jun 16, 2026 |
| CVE-2026-12320 | MEDIUM | 4.3 | Information disclosure in the Password Manager component. This vulnerability was fixed in Firefox 152 and Thunderbird 152. | Jun 16, 2026 |
| CVE-2026-12319 | MEDIUM | 6.5 | Denial-of-service in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 152 and Thunderbird 152. | Jun 16, 2026 |
| CVE-2026-12318 | HIGH | 7.3 | Incorrect boundary conditions in the Libraries component in NSS. This vulnerability was fixed in Firefox 152 and Thunderbird 152. | Jun 16, 2026 |
| CVE-2026-12317 | HIGH | 7.5 | Memory safety bug fixed in Thunderbird 152. This vulnerability was fixed in Firefox 152 and Thunderbird 152. | Jun 16, 2026 |
| CVE-2026-12316 | CRITICAL | 9.1 | Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 152 and Thunderbird 152. | Jun 16, 2026 |
| CVE-2026-12315 | CRITICAL | 9.1 | Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12. | Jun 16, 2026 |
| CVE-2026-12314 | HIGH | 7.5 | Memory safety bug fixed in Thunderbird 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12. | Jun 16, 2026 |
| CVE-2026-12313 | MEDIUM | 4.7 | Information disclosure, sandbox escape in the Security: Process Sandboxing component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12. | Jun 16, 2026 |
| CVE-2026-12312 | HIGH | 7.5 | Memory safety bug fixed in Thunderbird 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12. | Jun 16, 2026 |
| CVE-2026-12311 | MEDIUM | 4.7 | Information disclosure, sandbox escape in the Security: Process Sandboxing component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12. | Jun 16, 2026 |
| CVE-2026-12310 | HIGH | 7.5 | Memory safety bug fixed in Thunderbird 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12. | Jun 16, 2026 |
| CVE-2026-12309 | MEDIUM | 6.5 | Memory safety bug fixed in Thunderbird 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12. | Jun 16, 2026 |
| CVE-2026-12308 | MEDIUM | 5.3 | Memory safety bug fixed in Thunderbird 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12. | Jun 16, 2026 |
| CVE-2026-12307 | MEDIUM | 5.3 | Memory safety bug fixed in Thunderbird 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12. | Jun 16, 2026 |