Firefox
This hub aggregates every CVE we track for Firefox, a product in the consumer software space. Use it to gauge the current risk picture and drill into individual advisories.
Consumer Softwaredesktop app
3,213
CVEs tracked
878
Critical
961
High
15
In CISA KEV
Severity distribution
MEDIUM1,302HIGH961CRITICAL878LOW72
Monthly trend
16
18
12
27
20
0
14
12
18
22
13
15
17
19
14
16
16
16
18
54
48
51
43
46
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting Firefox.
- CVE-2026-12330Incorrect boundary conditions in the Internationalization component5.4
- CVE-2026-12329Memory safety bug fixed in Thunderbird ESR 140.125.3
- CVE-2026-12328Memory safety bugs fixed in Firefox ESR 115.37, Firefox ESR 140.12, Thunderbird ESR 140.12, Firefox 152 and Thunderbird 1528.1
- CVE-2026-12327Memory safety bugs fixed in Firefox ESR 140.12, Thunderbird ESR 140.12, Firefox 152 and Thunderbird 1528.1
- CVE-2026-12326Memory safety bugs fixed in Firefox 152 and Thunderbird 1528.1
- CVE-2026-12325Denial-of-service in the Graphics: ImageLib component6.5
- CVE-2026-12324Incorrect boundary conditions in the Graphics: CanvasWebGL component7.3
- CVE-2026-12323Spoofing issue in the DOM: Core & HTML component5.4
- CVE-2026-12322Clickjacking issue in the Widget: Gtk component5.4
- CVE-2026-12321JIT miscompilation in the JavaScript: WebAssembly component5.4
- CVE-2026-12320Information disclosure in the Password Manager component4.3
- CVE-2026-12319Denial-of-service in the Audio/Video: Playback component6.5
- CVE-2026-12318Incorrect boundary conditions in the Libraries component in NSS7.3
- CVE-2026-12317Memory safety bug fixed in Firefox 1527.5
- CVE-2026-12316Mitigation bypass in the DOM: Security component9.1
Product normalization is registry-driven with AI assist and human review. How it works