Firefox mobile
This hub aggregates every CVE we track for Firefox mobile, a product in the consumer software space. Use it to gauge the current risk picture and drill into individual advisories.
22
CVEs tracked
18
Critical
0
High
0
In CISA KEV
Severity distribution
CRITICAL18MEDIUM4
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting Firefox mobile.
- CVE-2026-53900Cookie injection was possible when opening a PDF link4.3
- CVE-2026-53899Cross-origin cookies could be leaked when opening a PDF link6.5
- CVE-2012-3979Mozilla Firefox before 15.0 on Android does not properly implement unspecified callers of the __android_log_print function, which allows remote attackers to execute arbitrary code via a crafted web...6.8
- CVE-2012-1131FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, on 64-bit platforms allows remote attackers to cause a denial of service (invalid heap read operation and ...9.3
- CVE-2012-1127FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) o...9.3
- CVE-2012-1136FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) ...9.3
- CVE-2012-1132FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) o...9.3
- CVE-2012-1133FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) ...9.3
- CVE-2012-1141FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) o...9.3
- CVE-2012-1144FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) ...9.3
- CVE-2012-1138FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) o...9.3
- CVE-2012-1129FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) o...9.3
- CVE-2012-1139Array index error in FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid stack read operation an...9.3
- CVE-2012-1137FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) o...9.3
- CVE-2012-1142FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) ...9.3
Product normalization is registry-driven with AI assist and human review. How it works