Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
10692
Total
727
Critical
3080
High
3407
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-6774 | MEDIUM | 5.4 | Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 150 and Thunderbird 150. | Apr 21, 2026 |
| CVE-2026-6773 | HIGH | 7.5 | Denial-of-service due to integer overflow in the Graphics: WebGPU component. This vulnerability was fixed in Firefox 150 and Thunderbird 150. | Apr 21, 2026 |
| CVE-2026-6772 | HIGH | 7.5 | Incorrect boundary conditions in the Libraries component in NSS. This vulnerability was fixed in Firefox 150, Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird 150, and … | Apr 21, 2026 |
| CVE-2026-6771 | CRITICAL | 9.8 | Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10. | Apr 21, 2026 |
| CVE-2026-6770 | MEDIUM | 6.5 | Other issue in the Storage: IndexedDB component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10. | Apr 21, 2026 |
| CVE-2026-6769 | HIGH | 8.8 | Privilege escalation in the Debugger component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10. | Apr 21, 2026 |
| CVE-2026-6768 | CRITICAL | 9.8 | Mitigation bypass in the Networking: Cookies component. This vulnerability was fixed in Firefox 150 and Thunderbird 150. | Apr 21, 2026 |
| CVE-2026-6767 | MEDIUM | 5.3 | Other issue in the Libraries component in NSS. This vulnerability was fixed in Firefox 150, Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird 150, and Thunderbird … | Apr 21, 2026 |
| CVE-2026-6766 | HIGH | 7.5 | Incorrect boundary conditions in the Libraries component in NSS. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10. | Apr 21, 2026 |
| CVE-2026-6765 | MEDIUM | 5.3 | Information disclosure in the Form Autofill component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10. | Apr 21, 2026 |
| CVE-2026-6764 | MEDIUM | 6.5 | Incorrect boundary conditions in the DOM: Device Interfaces component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10. | Apr 21, 2026 |
| CVE-2026-6763 | MEDIUM | 6.5 | Mitigation bypass in the File Handling component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10. | Apr 21, 2026 |
| CVE-2026-6762 | UNKNOWN | — | Spoofing issue in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 150, Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird 150, and … | Apr 21, 2026 |
| CVE-2026-6761 | HIGH | 8.8 | Privilege escalation in the Networking component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10. | Apr 21, 2026 |
| CVE-2026-6760 | UNKNOWN | — | Mitigation bypass in the Networking: Cookies component. This vulnerability was fixed in Firefox 150 and Thunderbird 150. | Apr 21, 2026 |
| CVE-2026-6759 | HIGH | 7.5 | Use-after-free in the Widget: Cocoa component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10. | Apr 21, 2026 |
| CVE-2026-6758 | HIGH | 7.5 | Use-after-free in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 150 and Thunderbird 150. | Apr 21, 2026 |
| CVE-2026-6757 | UNKNOWN | — | Invalid pointer in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10. | Apr 21, 2026 |
| CVE-2026-6756 | UNKNOWN | — | Mitigation bypass in Firefox for Android. This vulnerability was fixed in Firefox 150. | Apr 21, 2026 |
| CVE-2026-6755 | MEDIUM | 6.5 | Mitigation bypass in the DOM: postMessage component. This vulnerability was fixed in Firefox 150 and Thunderbird 150. | Apr 21, 2026 |
| CVE-2026-6754 | HIGH | 7.5 | Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 150, Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10. | Apr 21, 2026 |
| CVE-2026-6753 | UNKNOWN | — | Incorrect boundary conditions in the WebRTC component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10. | Apr 21, 2026 |
| CVE-2026-6752 | HIGH | 7.3 | Incorrect boundary conditions in the WebRTC component. This vulnerability was fixed in Firefox 150, Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10. | Apr 21, 2026 |
| CVE-2026-6751 | HIGH | 7.3 | Uninitialized memory in the Audio/Video: Web Codecs component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10. | Apr 21, 2026 |
| CVE-2026-6750 | HIGH | 8.8 | Privilege escalation in the Graphics: WebRender component. This vulnerability was fixed in Firefox 150, Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10. | Apr 21, 2026 |