CVE-2026-12291 is a vulnerability in Mozilla Firefox
Published on June 16, 2026
Use-after-free in the Networking: HTTP component
Use-after-free in the Networking: HTTP component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, and Firefox ESR 115.37.
Products Associated with CVE-2026-12291
Want to know whenever a new CVE is published for Mozilla Firefox? stack.watch will email you.
Affected Versions
Mozilla Firefox:- Version 115.37, <= 115.* is unaffected.
- Version 140.12, <= 140.* is unaffected.
- Version 152, <= * is unaffected.