Mozilla Mozilla

  1. Vendors
  2. Mozilla

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in any Mozilla product.

RSS Feeds for Mozilla security vulnerabilities

Create a CVE RSS feed including security vulnerabilities found in Mozilla products with stack.watch. Just hit watch, then grab your custom RSS feed url.

Products by Mozilla Sorted by Most Security Vulnerabilities since 2018

Mozilla Firefox2182 vulnerabilities
Open source web browser

Mozilla Thunderbird1414 vulnerabilities
Email client

Mozilla FireFox Extended Support Release (ESR)1125 vulnerabilities

Mozilla SeaMonkey286 vulnerabilities
Browser, email and newsgroup client

Mozilla Thunderbird Esr217 vulnerabilities

Mozilla Network Security Services28 vulnerabilities

Mozilla Focus23 vulnerabilities

Mozilla Firefox Mobile21 vulnerabilities

Mozilla Firefox Focus17 vulnerabilities

Mozilla9 vulnerabilities

Mozilla Nss8 vulnerabilities

Mozilla Firefox Os5 vulnerabilities

Mozilla Vpn4 vulnerabilities

Mozilla Nunjucks1 vulnerability

Mozilla Zamboni1 vulnerability

Mozilla Netscape Portable Runtime1 vulnerability

Recent Mozilla Security Advisories

Advisory Title Published
mfsa2026-50 Security Vulnerabilities fixed in Thunderbird 151 mfsa2026-50 May 19, 2026
mfsa2026-47 Security Vulnerabilities fixed in Firefox ESR 115.36 mfsa2026-47 May 19, 2026
mfsa2026-51 Security Vulnerabilities fixed in Thunderbird 140.11 mfsa2026-51 May 19, 2026
mfsa2026-49 Security Vulnerabilities fixed in Firefox for iOS 151.0 mfsa2026-49 May 19, 2026
mfsa2026-48 Security Vulnerabilities fixed in Firefox ESR 140.11 mfsa2026-48 May 19, 2026
mfsa2026-46 Security Vulnerabilities fixed in Firefox 151 mfsa2026-46 May 19, 2026
mfsa2026-45 Security Vulnerabilities fixed in Firefox 150.0.3 mfsa2026-45 May 12, 2026
mfsa2026-44 Security Vulnerabilities fixed in Thunderbird 140.10.2 mfsa2026-44 May 8, 2026
mfsa2026-43 Security Vulnerabilities fixed in Thunderbird 150.0.2 mfsa2026-43 May 8, 2026
mfsa2026-40 Security Vulnerabilities fixed in Firefox 150.0.2 mfsa2026-40 May 7, 2026

Known Exploited Mozilla Vulnerabilities

The following Mozilla vulnerabilities have been marked by CISA as Known to be Exploited by threat actors.

Title Description Added
Mozilla Multiple Products Remote Code Execution Vulnerability Mozilla Firefox, SeaMonkey, and Thunderbird contain an unspecified vulnerability when JavaScript is enabled. This allows remote attackers to execute arbitrary code via vectors related to nsCSSFrameConstructor::ContentAppended, the appendChild method, incorrect index tracking, and the creation of multiple frames, which triggers memory corruption.
CVE-2010-3765 Exploit Probability: 86.8% 		October 6, 2025
Mozilla Firefox Use-After-Free Vulnerability Mozilla Firefox and Firefox ESR contain a use-after-free vulnerability in Animation timelines that allows for code execution in the content process.
CVE-2024-9680 Exploit Probability: 30.8% 		October 15, 2024
Mozilla Firefox, Firefox ESR, and Thunderbird Use-After-Free Vulnerability Mozilla Firefox, Firefox ESR, and Thunderbird contain a use-after-free vulnerability in SVG Animation, targeting Firefox and Tor browser users on Windows.
CVE-2016-9079 Exploit Probability: 84.8% 		June 22, 2023
Mozilla Firefox Security Feature Bypass Vulnerability Moxilla Firefox allows remote attackers to bypass the Same Origin Policy to read arbitrary files or gain privileges.
CVE-2015-4495 Exploit Probability: 71.6% 		May 25, 2022
Mozilla Firefox and Thunderbird Type Confusion Vulnerability Mozilla Firefox and Thunderbird contain a type confusion vulnerability that can occur when manipulating JavaScript objects due to issues in Array.pop, allowing for an exploitable crash.
CVE-2019-11707 Exploit Probability: 84.3% 		May 23, 2022
Mozilla Firefox and Thunderbird Sandbox Escape Vulnerability Mozilla Firefox and Thunderbird contain a sandbox escape vulnerability that could result in remote code execution.
CVE-2019-11708 Exploit Probability: 68.1% 		May 23, 2022
Mozilla Firefox and Thunderbird Denial-of-Service Vulnerability Mozilla Firefox and Thunderbird do not properly handle onreadystatechange events in conjunction with page reloading, which allows remote attackers to cause a denial-of-service or possibly execute arbitrary code via a crafted web site.
CVE-2013-1690 Exploit Probability: 47.1% 		March 28, 2022
Mozilla Firefox Use-After-Free Vulnerability Mozilla Firefox contains a use-after-free vulnerability in WebGPU IPC Framework which can be exploited to perform arbitrary code execution.
CVE-2022-26486 Exploit Probability: 5.6% 		March 7, 2022
Mozilla Firefox Use-After-Free Vulnerability Mozilla Firefox contains a use-after-free vulnerability in XSLT parameter processing which can be exploited to perform arbitrary code execution.
CVE-2022-26485 Exploit Probability: 7.4% 		March 7, 2022
Mozilla Firefox Information Disclosure Vulnerability Mozilla Firefox does not properly initialize data structures for the nsDOMSVGZoomEvent::mPreviousScale and nsDOMSVGZoomEvent::mNewScale functions, which allows remote attackers to obtain sensitive information from process memory via a crafted web site.
CVE-2013-1675 Exploit Probability: 7.9% 		March 3, 2022
Mozilla Firefox 74 and Firefox ESR 68.6 nsDocShell vulnerability A race condition can cause a use-after-free when running the nsDocShell destructor. This vulnerability affects Thunderbird < 68.7.0, Firefox < 74.0.1, and Firefox ESR < 68.6.1.
CVE-2020-6819 Exploit Probability: 0.4% 		November 3, 2021
Mozilla Firefox 74 and Firefox ESR 68.6 ReadableStream vulnerability A race condition can cause a use-after-free when handling a ReadableStream. This vulnerability affects Thunderbird < 68.7.0, Firefox < 74.0.1, and Firefox ESR < 68.6.1.
CVE-2020-6820 Exploit Probability: 3.1% 		November 3, 2021
Mozilla Firefox IonMonkey JIT compiler Type Confusion Vulnerability Incorrect alias information in IonMonkey JIT compiler for setting array elements could lead to a type confusion. This vulnerability affects Firefox ESR < 68.4.1, Thunderbird < 68.4.1, and Firefox < 72.0.1
CVE-2019-17026 Exploit Probability: 59.1% 		November 3, 2021

Of the known exploited vulnerabilities above, 3 are in the top 1%, or the 99th percentile of the EPSS exploit probability rankings. 5 known exploited Mozilla vulnerabilities are in the top 5% (95th percentile or greater) of the EPSS exploit probability rankings.

By the Year

In 2026 there have been 218 vulnerabilities in Mozilla with an average score of 8.2 out of ten. Last year, in 2025 Mozilla had 209 security vulnerabilities published. That is, 9 more vulnerabilities have already been reported in 2026 as compared to last year. However, the average CVE base score of the vulnerabilities in 2026 is greater by 0.69.




Year Vulnerabilities Average Score
2026 218 8.15
2025 209 7.46
2024 204 7.10
2023 202 7.24
2022 188 7.42
2021 158 7.12
2020 184 7.25
2019 152 7.53
2018 345 7.65

It may take a day or so for new Mozilla vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Mozilla Security Vulnerabilities

CVE Date Vulnerability Products
CVE-2026-8706 May 19, 2026
Firefox iOS 151.0 Reader Mode Local Server SSRF Firefox for iOS hosted Reader mode on an unauthenticated local web server, allowing another application on the same device to request arbitrary URLs and receive the response rendered with the signed-in user's cookies. This vulnerability was fixed in Firefox for iOS 151.0.
Firefox
CVE-2026-8975 May 19, 2026
Mozilla Firefox ESR 115.35/140.10/150 Mem Safety Bug (CVE-2026-8975) Memory safety bugs present in Thunderbird 140.10 and Thunderbird 150. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 151, Firefox ESR 115.36, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11.
Firefox
Thunderbird
CVE-2026-8974 May 19, 2026
Firefox Memory Safety Bugs 140.10/150: Arbitrary Code Exec Fix in 151 Memory safety bugs present in Thunderbird 140.10 and Thunderbird 150. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11.
Firefox
Thunderbird
CVE-2026-8973 May 19, 2026
Mem Saf Bugs in Mozilla Firefox 150 Memory safety bugs present in Thunderbird 150. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 151 and Thunderbird 151.
Firefox
Thunderbird
CVE-2026-8972 May 19, 2026
Firefox WebRTC Audio/Video PE Vulnerability Privilege escalation in the WebRTC: Audio/Video component. This vulnerability was fixed in Firefox 151 and Thunderbird 151.
Firefox
Thunderbird
CVE-2026-8971 May 19, 2026
CVE-2026-8971: Same-Origin Policy Bypass in Firefox JAR Component Same-origin policy bypass in the Networking: JAR component. This vulnerability was fixed in Firefox 151 and Thunderbird 151.
Firefox
Thunderbird
CVE-2026-8970 May 19, 2026
Firefox Privilege Escalation in Security Component before 151/140.11 Privilege escalation in the Security component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11.
Firefox
Thunderbird
CVE-2026-8969 May 19, 2026
CVE-2026-8969: Mitigation Bypass in DOM Security Component of Firefox Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 151 and Thunderbird 151.
Firefox
Thunderbird
CVE-2026-8968 May 19, 2026
Firefox Web Codecs DS via invalid pointer fixed in 151/140.11 Denial-of-service due to invalid pointer in the Audio/Video: Web Codecs component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11.
Firefox
Thunderbird
CVE-2026-8967 May 19, 2026
Info Disclosure via WebGPU in Firefox Information disclosure in the Graphics: WebGPU component. This vulnerability was fixed in Firefox 151 and Thunderbird 151.
Firefox
Thunderbird
CVE-2026-8966 May 19, 2026
Information disclosure in Mozilla Firefox IP Protection component Information disclosure in the IP Protection component. This vulnerability was fixed in Firefox 151 and Thunderbird 151.
Firefox
Thunderbird
CVE-2026-8965 May 19, 2026
Firefox DOM Info Disclosure (CVE-2026-8965) Fix/Update Information disclosure in the DOM: Security component. This vulnerability was fixed in Firefox 151 and Thunderbird 151.
Firefox
Thunderbird
CVE-2026-8964 May 19, 2026
Firefox Popup Blocker Spoofing Vulnerability (CVE-2026-8964) Spoofing issue in the Popup Blocker component. This vulnerability was fixed in Firefox 151 and Thunderbird 151.
Firefox
Thunderbird
CVE-2026-8963 May 19, 2026
Firefox Web Speech Spoofing Vulnerability Spoofing issue in the Web Speech component. This vulnerability was fixed in Firefox 151 and Thunderbird 151.
Firefox
Thunderbird
CVE-2026-8962 May 19, 2026
Firefox 151/ESR 140.11 DOM Mitigation Bypass Security Component Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11.
Firefox
Thunderbird
CVE-2026-8961 May 19, 2026
Firefox Form Autofill Spoofing CVE-2026-8961 (fixed in 151/ESR 140.11) Spoofing issue in the Form Autofill component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11.
Firefox
Thunderbird
CVE-2026-8960 May 19, 2026
Firefox 151 WebExt Spoofing Vulnerability Spoofing issue in WebExtensions. This vulnerability was fixed in Firefox 151 and Thunderbird 151.
Firefox
Thunderbird
CVE-2026-8959 May 19, 2026
Firefox 151 Win32 Widget Sandbox Escape - Boundary Condition Flaw Sandbox escape due to incorrect boundary conditions in the Widget: Win32 component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11.
Firefox
Thunderbird
CVE-2026-8958 May 19, 2026
Firefox 151 Information Disclosure Process Sandbox Escape Information disclosure, sandbox escape in the Security: Process Sandboxing component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11.
Firefox
Thunderbird
CVE-2026-8957 May 19, 2026
Privilege Escalation in Firefox Enterprise Policies (before 151) Privilege escalation in the Enterprise Policies component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11.
Firefox
Thunderbird
CVE-2026-8956 May 19, 2026
Integer Overflow in Firefox Networking JAR (150) Integer overflow in the Networking: JAR component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11.
Firefox
Thunderbird
CVE-2026-8955 May 19, 2026
Firefox Workers DOM Privilege Escalation (Pre151) Privilege escalation in the DOM: Workers component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11.
Firefox
Thunderbird
CVE-2026-8954 May 19, 2026
Integer Overflow in Firefox AV Comp (before 151/ESR 140.11) Incorrect boundary conditions, integer overflow in the Audio/Video component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11.
Firefox
Thunderbird
CVE-2026-8953 May 19, 2026
Firefox Sandbox Escape via Use-After-Free in Disability Access APIs (before 151) Sandbox escape due to use-after-free in the Disability Access APIs component. This vulnerability was fixed in Firefox 151, Firefox ESR 115.36, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11.
Firefox
Thunderbird
CVE-2026-8952 May 19, 2026
Firefox PrivEsc via Application Update component CVE-2026-8952 Privilege escalation in the Application Update component. This vulnerability was fixed in Firefox 151 and Thunderbird 151.
Firefox
Thunderbird
CVE-2026-8951 May 19, 2026
Spoofing Flaw in Firefox for Android Toolbar Spoofing issue in the Toolbar component in Firefox for Android. This vulnerability was fixed in Firefox 151.
Firefox
CVE-2026-8950 May 19, 2026
Same-origin policy bypass in Firefox Networking:HTTP component before 151 Same-origin policy bypass in the Networking: HTTP component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11.
Firefox
Thunderbird
CVE-2026-8949 May 19, 2026
Firefox 151 Integer Overflow in Widget: Win32 Component (pre-151) Integer overflow in the Widget: Win32 component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11.
Firefox
Thunderbird
CVE-2026-8948 May 19, 2026
CVE-2026-8948: Same-origin policy bypass in Firefox DOM networking Same-origin policy bypass in the DOM: Networking component. This vulnerability was fixed in Firefox 151 and Thunderbird 151.
Firefox
Thunderbird
CVE-2026-8947 May 19, 2026
Use-After-Free in WebIDL Bindings (Firefox <151) Use-after-free in the DOM: Bindings (WebIDL) component. This vulnerability was fixed in Firefox 151, Firefox ESR 115.36, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11.
Firefox
Thunderbird
CVE-2026-8946 May 19, 2026
Firefox Web Codecs Incorrect Boundary Conditions <151 (ESR 115/140) Incorrect boundary conditions in the Audio/Video: Web Codecs component. This vulnerability was fixed in Firefox 151, Firefox ESR 115.36, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11.
Firefox
Thunderbird
CVE-2026-8945 May 19, 2026
Firefox Sandbox Escape (Android Focus & Desktop) Sandbox escape in Firefox and Firefox Focus for Android. This vulnerability was fixed in Firefox 151.
Firefox
CVE-2026-8401 May 12, 2026
Firefox 150.0.3 Sandbox Escape in Profile Backup (Fixed) Sandbox escape in the Profile Backup component. This vulnerability was fixed in Firefox 150.0.3, Firefox ESR 115.36, Firefox ESR 140.11, and Thunderbird 140.11.
Firefox
Thunderbird
CVE-2026-8391 May 12, 2026
JavaScript Engine flaw in Firefox 150.0.3 (fixed) Other issue in the JavaScript Engine component. This vulnerability was fixed in Firefox 150.0.3, Firefox ESR 115.36, Firefox ESR 140.11, and Thunderbird 140.11.
Firefox
Thunderbird
CVE-2026-8390 May 12, 2026
Firefox WebAssembly Component UAF (pre-150.0.3) Use-after-free in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 150.0.3.
Firefox
CVE-2026-8389 May 12, 2026
Firefox JIT Miscompilation in JS Engine, Fixed in 150.0.3 JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 150.0.3.
Firefox
CVE-2026-8388 May 12, 2026
Firefox 150 JIT Boundary Condition Vulnerability in JS Engine Incorrect boundary conditions in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 150.0.3, Firefox ESR 115.36, Firefox ESR 140.11, and Thunderbird 140.11.
Firefox
Thunderbird
CVE-2026-8094 May 07, 2026
Firefox ESR 140.10.2 WebRTC Vulnerability Other issue in the WebRTC component. This vulnerability was fixed in Firefox ESR 140.10.2 and Thunderbird 140.10.2.
Firefox
Thunderbird
CVE-2026-8093 May 07, 2026
Firefox 150.0.1 Memcor bugs may allow arbitrary code execution Memory safety bugs present in Firefox 150.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 150.0.2 and Thunderbird 150.0.2.
Firefox
Thunderbird
CVE-2026-8092 May 07, 2026
Firefox 115.35.1/140.10.1/150.0.1 Memory Safety Bug Memory safety bugs present in Firefox ESR 115.35.1, Firefox ESR 140.10.1 and Firefox 150.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 150.0.2, Firefox ESR 140.10.2, Firefox ESR 115.35.2, Thunderbird 150.0.2, and Thunderbird 140.10.2.
Firefox
Thunderbird
CVE-2026-8091 May 07, 2026
Firefox ESR AV Playback boundary flaw before 140.10.2 Incorrect boundary conditions in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 150, Thunderbird 150, Firefox ESR 140.10.1, Thunderbird 140.10.1, and Firefox ESR 115.35.2.
Firefox
Thunderbird
CVE-2026-8090 May 07, 2026
Use-after-free in Firefox DOM Networking pre-150.0.2 Use-after-free in the DOM: Networking component. This vulnerability was fixed in Firefox 150.0.2, Firefox ESR 140.10.2, Firefox ESR 115.35.2, Thunderbird 150.0.2, and Thunderbird 140.10.2.
Firefox
Thunderbird
CVE-2026-7321 Apr 28, 2026
Firefox Sandbox Escape in WebRTC Networking before ESR 140.10.1 Sandbox escape due to incorrect boundary conditions in the WebRTC: Networking component. This vulnerability was fixed in Firefox 150, Thunderbird 150, Firefox ESR 140.10.1, and Thunderbird 140.10.1.
Firefox
Thunderbird
CVE-2026-7324 Apr 28, 2026
Memory safety bugs in Firefox 150.0.0 (fixed 150.0.1) Memory safety bugs present in Thunderbird 150.0.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 150.0.1 and Thunderbird 150.0.1.
Firefox
Thunderbird
CVE-2026-7323 Apr 28, 2026
Memory Safety Bug in Firefox ESR 140.10.0 & Thunderbird 140.10.0 Memory safety bugs present in Thunderbird ESR 140.10.0 and Thunderbird 150.0.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 150.0.1, Firefox ESR 140.10.1, Thunderbird 150.0.1, and Thunderbird 140.10.1.
Firefox
Thunderbird
CVE-2026-7322 Apr 28, 2026
Memory safety bugs in Firefox ESR 115.35.0/140.10.0 & 150.0.0 (fixed 150.0.1) Memory safety bugs present in Thunderbird ESR 140.10.0 and Thunderbird 150.0.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 150.0.1, Firefox ESR 140.10.1, Firefox ESR 115.35.1, Thunderbird 150.0.1, and Thunderbird 140.10.1.
Firefox
Thunderbird
CVE-2026-7320 Apr 28, 2026
Firefox Audio/Video Boundary Bug Info Disclosure (fixed in 150.0.1) Information disclosure due to incorrect boundary conditions in the Audio/Video component. This vulnerability was fixed in Firefox 150.0.1, Firefox ESR 140.10.1, Firefox ESR 115.35.1, Thunderbird 150.0.1, and Thunderbird 140.10.1.
Firefox
Thunderbird
CVE-2026-6786 Apr 21, 2026
Firefox 149 / ESR 140.9 Memory Safety Bugs (Arbitrary Code Exec) Memory safety bugs present in Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.
Firefox
Thunderbird
CVE-2026-6785 Apr 21, 2026
Mozilla Firefox Memory Safety Bug (ESR 115.34, 115.35, ESR 140.9/140.10, 149) Memory safety bugs present in Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 150, Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.
Firefox
Thunderbird
CVE-2026-6784 Apr 21, 2026
Memory Safety Bugs in Firefox 149 & Thunderbird 149 Memory safety bugs present in Firefox 149 and Thunderbird 149. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 150 and Thunderbird 150.
Firefox
Thunderbird
Built by Foundeo Inc., with data from the National Vulnerability Database (NVD). Privacy Policy. Use of this site is governed by the Legal Terms
Disclaimer
CONTENT ON THIS WEBSITE IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. Always check with your vendor for the most up to date, and accurate information.