34 Total CVEs
33 AI Analyzed
1 CISA KEV
21 Critical
All Vendors
Showing 1-34 of 34 CVEs
CVE-2026-8953
Analyzed
9.6
Mozilla Firefox / Thunderbird

A use-after-free vulnerability in the Disability Access APIs of Mozilla products can lead to a sandbox escape and potential arbitrary code execution.

2026-05-20
CVE-2026-8950
Analyzed
9.3
Mozilla Firefox and Thunderbird

A same-origin policy bypass exists in the networking component of Mozilla Firefox and Thunderbird, potentially allowing unauthorized cross-origin data...

2026-05-20
CVE-2026-8948
Analyzed
9.1
Mozilla Firefox and Thunderbird

A same-origin policy bypass in the DOM networking component of Mozilla Firefox and Thunderbird allows for unauthorized cross-origin interactions.

2026-05-20
CVE-2026-8389
Analyzed
8.8
Mozilla Firefox

JIT miscompilation in the JavaScript Engine: JIT component

2026-06-07
CVE-2026-7321
Analyzed
9.6
Mozilla Firefox, Thunderbird

A sandbox escape vulnerability in the WebRTC networking component allows attackers to bypass security boundaries.

2026-04-29
CVE-2026-6786
Analyzed
8.1
Mozilla Firefox ESR

Memory safety bugs present in Firefox ESR 140

2026-04-27
CVE-2026-6785
Analyzed
8.1
Mozilla Firefox ESR

Memory safety bugs present in Firefox ESR 115

2026-04-27
CVE-2026-4725
Analyzed
10
Mozilla Firefox and Thunderbird

A use-after-free vulnerability in the Graphics: Canvas2D component of Mozilla Firefox and Thunderbird enables a critical sandbox escape.

2026-03-25
CVE-2026-4723
Analyzed
9.8
Mozilla Firefox and Thunderbird

A use-after-free vulnerability in the JavaScript Engine of Mozilla Firefox and Thunderbird allows for critical remote code execution.

2026-03-25
CVE-2026-4717
Analyzed
9.8
Mozilla Firefox and Thunderbird

A privilege escalation vulnerability exists in the Netmonitor component of Mozilla Firefox and Thunderbird. Successful exploitation could allow an att...

2026-03-25
CVE-2026-4715
Analyzed
9.1
Mozilla Firefox and Thunderbird

An uninitialized memory vulnerability in the Graphics: Canvas2D component affects Mozilla Firefox and Thunderbird, leading to potential memory corrupt...

2026-03-25
CVE-2026-4705
Analyzed
9.8
Mozilla Firefox and Thunderbird

Undefined behavior in the WebRTC: Signaling component of Mozilla products creates a critical security risk for Firefox and Thunderbird users.

2026-03-25
CVE-2026-4702
Analyzed
9.8
Mozilla Firefox and Thunderbird

A JIT miscompilation in the JavaScript Engine of Mozilla products allows unauthenticated attackers to achieve remote code execution via crafted web co...

2026-03-25
CVE-2026-4701
Analyzed
9.8
Mozilla Firefox and Thunderbird

A use-after-free vulnerability in the JavaScript Engine of Mozilla products allows unauthenticated remote code execution through memory corruption.

2026-03-25
CVE-2026-4700
Analyzed
9.8
Mozilla Firefox and Thunderbird

A mitigation bypass vulnerability in the Networking: HTTP component affects several Mozilla products, including Firefox and Thunderbird.

2026-03-25
CVE-2026-4698
Analyzed
9.8
Mozilla Firefox and Thunderbird

A critical JIT miscompilation vulnerability in the JavaScript Engine of Mozilla browsers allows for remote code execution via malicious scripts.

2026-03-25
CVE-2026-4696
Analyzed
9.8
Mozilla Firefox and Thunderbird

A critical use-after-free vulnerability in the Layout: Text and Fonts component of Mozilla products could allow for remote code execution when process...

2026-03-25
CVE-2026-4691
Analyzed
9.8
Mozilla Firefox and Thunderbird

A use-after-free vulnerability in the CSS Parsing and Computation component of Mozilla browsers allows for potential remote code execution via specifi...

2026-03-25
CVE-2026-4688
Analyzed
10
Mozilla Firefox and Thunderbird

A critical sandbox escape vulnerability in Mozilla products, caused by a use-after-free in Disability Access APIs, allows for full system compromise.

2026-03-25
CVE-2026-12289
Analyzed
8.8
Mozilla Firefox/Thunderbird

Privilege escalation in the Graphics: WebRender component

2026-06-17
CVE-2026-0884
Analyzed
9.8
Mozilla Multiple Products

Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 147 and Firefox ESR < 140.7.

2026-01-14
CVE-2026-0879
Analyzed
9.8
Mozilla Multiple Products

Sandbox escape due to incorrect boundary conditions in the Graphics component. This vulnerability affects Firefox < 147, Firefox ESR < 115.32, and Fir...

2026-01-14
CVE-2025-8040
Analyzed
8.8
Mozilla Multiple Products

Memory safety bugs present in Firefox ESR 140

2025-07-23
CVE-2025-8035
Analyzed
8.8
Mozilla Multiple Products

Memory safety bugs present in Firefox ESR 128

2025-07-23
CVE-2025-8034
Analyzed
8.8
Mozilla Multiple Products

Memory safety bugs present in Firefox ESR 115

2025-07-23
CVE-2025-11721
Analyzed
9.8
Mozilla Multiple Products

Memory safety bug present in Firefox 143 and Thunderbird 143. This bug showed evidence of memory corruption and we presume that with enough effort thi...

2025-10-15
CVE-2025-11710
Analyzed
9.8
Mozilla Multiple Products

A compromised web process using malicious IPC messages could have caused the privileged browser process to reveal blocks of its memory to the compromi...

2025-10-15
CVE-2025-11152
Analyzed
8.6
Mozilla Multiple Products

This vulnerability affects Firefox < 143

2025-10-01
CVE-2025-10536
Analyzed
8.4
Mozilla Multiple Products

This vulnerability affects Firefox < 143, Firefox ESR < 140

2025-09-16
CVE-2025-10535
Analyzed
7.5
Mozilla Multiple Products

This vulnerability affects Firefox < 143

2025-09-17
CVE-2025-10534
Analyzed
8.1
Mozilla Multiple Products

This vulnerability affects Firefox < 143 and Thunderbird < 143

2025-09-17
CVE-2025-10533
Analyzed
8.8
Mozilla Multiple Products

This vulnerability affects Firefox < 143, Firefox ESR < 115

2025-09-16
CVE-2025-10527
Analyzed
7.1
Mozilla Multiple Products

This vulnerability affects Firefox < 143, Firefox ESR < 140

2025-09-16
CVE-2010-3765
KEV
9.5
Mozilla Multiple Products

Mozilla Multiple Products Remote Code Execution Vulnerability - Active in CISA KEV catalog.

2025-10-06